Search by:
19 June 2018
Siemens has published several advisories on vulnerabilities identified and closed in its solutions.
Specifically, CVE-2018-4833, a remote code execution vulnerability, was fixed in the following products:
The security issue identified could allow non-privileged remote attackers located in the same local network segment to execute arbitrary code on affected products by sending a specially crafted DHCP response to a client’s DHCP request.
To fix the vulnerability in SCALANCE X-200 and X-200 IRT, updating the firmware of these devices to versions 5.2.3 and 5.4.1, respectively, is recommended. For the remaining products, the vendor recommends using static IP addresses instead of DHCP.
Additionally, two XSS vulnerabilities, CVE-2018-4842 and CVE-2018-4848, have been fixed in SCALANCE X switches. These vulnerabilities were found in the built-in configuration web server. The following switch models are affected:
Successful exploitation of CVE-2018-4848 is only possible if the user clicks on a special link while being logged in. And to exploit CVE-2018-4842, an attacker needs to be able to log into the administrative web application.
In addition to the above flaws, six vulnerabilities, three of them dangerous, have been identified in SCALANCE M875 industrial routers. These vulnerabilities include arbitrary code execution (CVE-2018-4859 and CVE-2018-4860), XSS (CVE-2018-11448) and cross-site request forgery (CVE-2018-11447).
These vulnerabilities were fixed in the new router model, SCALANCE M876-4.
Source: Siemens