Remote Code Execution Vulnerability in SINUMERIK Web Server
CVE-2018-11457

8.1HIGH

Key Information:

Vendor: Siemens
Status: Sinumerik 828d V4.7, Sinumerik 840d Sl V4.7, Sinumerik 840d Sl V4.8
Vendor: CVE Published:; 12 December 2018

Summary

A vulnerability exists in the web server component of the SINUMERIK series, specifically affecting multiple versions of the SINUMERIK 828D and 840D systems. An attacker with network access could exploit this flaw by sending specially crafted requests to the server operating on port 4842, potentially allowing the execution of malicious code with elevated permissions. This exploit requires that port 4842 is open in the firewall settings. Successful exploitation poses risks to the system's confidentiality, integrity, and availability without needing prior user authentication or interaction.

Affected Version(s)

SINUMERIK 828D V4.7, SINUMERIK 840D sl V4.7, SINUMERIK 840D sl V4.8 SINUMERIK 828D V4.7 : All versions < V4.7 SP6 HF1 < SINUMERIK 828D V4.7 : All versions V4.7 SP6 HF1

SINUMERIK 828D V4.7, SINUMERIK 840D sl V4.7, SINUMERIK 840D sl V4.8 SINUMERIK 840D sl V4.7 : All versions < V4.7 SP6 HF5 < SINUMERIK 840D sl V4.7 : All versions V4.7 SP6 HF5

SINUMERIK 828D V4.7, SINUMERIK 840D sl V4.7, SINUMERIK 840D sl V4.8 SINUMERIK 840D sl V4.8 : All versions < V4.8 SP3 < SINUMERIK 840D sl V4.8 : All versions V4.8 SP3

References

http://www.securityfocus.com/bid/106185

vdb-entryx_refsource_BID

https://cert-portal.siemens.com/productcert/pdf/ssa-17088...

x_refsource_CONFIRM

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 12, 2018
Vulnerability Reserved
May 25, 2018