Unauthenticated Firmware Manipulation in Siemens EN100 Ethernet Modules
CVE-2018-4838

7.5 HIGH

Summary

A vulnerability in Siemens EN100 Ethernet modules allows unauthenticated users to manipulate the firmware through the web interface on TCP port 80. An attacker could upgrade the device's firmware, or downgrade it to an earlier version that contains known vulnerabilities, putting the device and the network at risk. The affected products span various communication protocols, including IEC 61850, DNP3, PROFINET IO, Modbus TCP, and IEC 104. Users should secure their devices by applying the latest firmware updates.

Affected Version(s)

  • EN100 Ethernet module DNP3 variant: all versions < V1.04

  • EN100 Ethernet module IEC 104 variant: all versions < V1.22

  • EN100 Ethernet module IEC 61850 variant: all versions < V4.30

CVSS V3.1

Score: 7.5
Severity: HIGH
Confidentiality: None
Integrity: High
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
