Remote Denial-of-Service in SINUMERIK VNC Server from Siemens
CVE-2018-11464

3.7LOW

Key Information:

Vendor: Siemens
Status: Sinumerik 828d V4.7, Sinumerik 840d Sl V4.7, Sinumerik 840d Sl V4.8
Vendor: CVE Published:; 12 December 2018

Summary

A vulnerability has been found in specific versions of Siemens SINUMERIK, where the integrated VNC server on TCP port 5900 can be exploited by remote attackers to trigger a Denial-of-Service condition. This can occur if the port is opened in the firewall of network port X130, allowing an attacker with network access to disrupt the server's availability. Exploitation requires no special permissions or user interaction, highlighting the severity of network exposure.

Affected Version(s)

SINUMERIK 828D V4.7, SINUMERIK 840D sl V4.7, SINUMERIK 840D sl V4.8 SINUMERIK 828D V4.7 : All versions < V4.7 SP6 HF1 < SINUMERIK 828D V4.7 : All versions V4.7 SP6 HF1

SINUMERIK 828D V4.7, SINUMERIK 840D sl V4.7, SINUMERIK 840D sl V4.8 SINUMERIK 840D sl V4.7 : All versions < V4.7 SP6 HF5 < SINUMERIK 840D sl V4.7 : All versions V4.7 SP6 HF5

SINUMERIK 828D V4.7, SINUMERIK 840D sl V4.7, SINUMERIK 840D sl V4.8 SINUMERIK 840D sl V4.8 : All versions < V4.8 SP3 < SINUMERIK 840D sl V4.8 : All versions V4.8 SP3

References

http://www.securityfocus.com/bid/106185

vdb-entryx_refsource_BID

https://cert-portal.siemens.com/productcert/pdf/ssa-17088...

x_refsource_CONFIRM

CVSS V3.1

Score:

3.7

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 12, 2018
Vulnerability Reserved
May 25, 2018