Local Access Vulnerability in SINUMERIK Products by Siemens
CVE-2018-11465

7.8HIGH

Key Information:

Vendor: Siemens
Status: Sinumerik 808d V4.7, Sinumerik 808d V4.8, Sinumerik 828d V4.7, Sinumerik 840d Sl V4.7, Sinumerik 840d Sl V4.8
Vendor: CVE Published:; 12 December 2018

Summary

A vulnerability exists in various SINUMERIK systems allowing local attackers to exploit unintended conditions through ioctl calls. This can lead to out of bounds reads, arbitrary writes, or even execution of code in kernel mode. Although the exploitation requires user privileges, it does not require user interaction, raising concerns for the confidentiality, integrity, and availability of the affected systems. As of the advisory's publication, no public exploits are known.

Affected Version(s)

SINUMERIK 808D V4.7, SINUMERIK 808D V4.8, SINUMERIK 828D V4.7, SINUMERIK 840D sl V4.7, SINUMERIK 840D sl V4.8 SINUMERIK 808D V4.7 : All versions

SINUMERIK 808D V4.7, SINUMERIK 808D V4.8, SINUMERIK 828D V4.7, SINUMERIK 840D sl V4.7, SINUMERIK 840D sl V4.8 SINUMERIK 808D V4.8 : All versions

SINUMERIK 808D V4.7, SINUMERIK 808D V4.8, SINUMERIK 828D V4.7, SINUMERIK 840D sl V4.7, SINUMERIK 840D sl V4.8 SINUMERIK 828D V4.7 : All versions < V4.7 SP6 HF1 < SINUMERIK 828D V4.7 : All versions V4.7 SP6 HF1

References

http://www.securityfocus.com/bid/106185

vdb-entryx_refsource_BID

https://cert-portal.siemens.com/productcert/pdf/ssa-17088...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 12, 2018
Vulnerability Reserved
May 25, 2018