CVE-2018-11452: Input Validation
First published: Mon Jul 23 2018(Updated: )
A vulnerability has been identified in Firmware variant IEC 61850 for EN100 Ethernet module (All versions < V4.33), Firmware variant PROFINET IO for EN100 Ethernet module (All versions), Firmware variant Modbus TCP for EN100 Ethernet module (All versions), Firmware variant DNP3 TCP for EN100 Ethernet module (All versions), Firmware variant IEC104 for EN100 Ethernet module (All versions < V1.22). Specially crafted packets to port 102/tcp could cause a denial-of-service condition in the EN100 communication module if oscillographs are running. A manual restart is required to recover the EN100 module functionality. Successful exploitation requires an attacker with network access to send multiple packets to the EN100 module. As a precondition the IEC 61850-MMS communication needs to be activated on the affected EN100 modules. No user interaction or privileges are required to exploit the security vulnerability. The vulnerability could allow causing a Denial-of-Service condition of the network functionality of the device, compromising the availability of the system. At the time of advisory publication no public exploitation of this security vulnerability was known.
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens DNP3 TCP Firmware | ||
| Siemens IEC 61850 Firmware | <4.33 | |
| Siemens IEC104 Firmware | ||
| Siemens Modbus TCP Firmware | ||
| Siemens PROFINET IO Firmware | ||
| Siemens EN100 Ethernet Module | ||
| Siemens CP100 Firmware | <7.80 | |
| Siemens CP200 Firmware | ||
| Siemens CP300 Firmware | <7.80 | |
| Siemens 6MD85 Firmware | ||
| Siemens 6MD86 Firmware | ||
| Siemens 7KE85 Firmware | ||
| Siemens 7SA82 Firmware | ||
| Siemens 7SA86 Firmware | ||
| Siemens 7SA87 Firmware | ||
| Siemens Siprotec 5 7sd82 | ||
| Siemens 7SD86 firmware | ||
| Siemens 7SD87 Firmware | ||
| Siemens Siprotec 5 7SJ82 | ||
| Siemens 7SJ85 firmware | ||
| Siemens 7SJ86 Firmware | ||
| Siemens 7SK82 Firmware | ||
| Siemens 7SK85 Firmware | ||
| Siemens 7SL82 Firmware | ||
| Siemens 7SL86 Firmware | ||
| Siemens 7SL87 Firmware | ||
| Siemens 7SS85 Firmware | ||
| Siemens 7UM85 Firmware | ||
| Siemens 7UT82 Firmware | ||
| Siemens 7UT85 firmware | ||
| Siemens 7UT86 firmware | ||
| Siemens 7UT87 Firmware | ||
| Siemens 7VK87 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-11452?
CVE-2018-11452 is a vulnerability identified in Siemens firmware variants IEC 61850, PROFINET IO, Modbus TCP, and DNP3 TCP for EN100 Ethernet module.
What is the severity of CVE-2018-11452?
The severity of CVE-2018-11452 is high, with a severity value of 7.5.
Which software versions are affected by CVE-2018-11452?
All versions of Siemens firmware variants IEC 61850 for EN100 Ethernet module, PROFINET IO for EN100 Ethernet module, Modbus TCP for EN100 Ethernet module, and DNP3 TCP for EN100 Ethernet module are affected, with versions below 4.33 for IEC 61850.
How can I fix CVE-2018-11452?
To fix CVE-2018-11452, Siemens recommends updating the firmware to a version that is not affected by the vulnerability.
Where can I find more information about CVE-2018-11452?
More information about CVE-2018-11452 can be found in the following references: [Link 1](https://cert-portal.siemens.com/productcert/pdf/ssa-325546.pdf), [Link 2](https://cert-portal.siemens.com/productcert/pdf/ssa-635129.pdf), [Link 3](https://www.securityfocus.com/bid/106221).
- agent/type
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/references
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/siemens
- canonical/siemens dnp3 tcp firmware
- canonical/siemens iec 61850 firmware
- canonical/siemens iec104 firmware
- canonical/siemens modbus tcp firmware
- canonical/siemens profinet io firmware
- canonical/siemens en100 ethernet module
- canonical/siemens cp100 firmware
- canonical/siemens cp200 firmware
- canonical/siemens cp300 firmware
- canonical/siemens 6md85 firmware
- canonical/siemens 6md86 firmware
- canonical/siemens 7ke85 firmware
- canonical/siemens 7sa82 firmware
- canonical/siemens 7sa86 firmware
- canonical/siemens 7sa87 firmware
- canonical/siemens siprotec 5 7sd82
- canonical/siemens 7sd86 firmware
- canonical/siemens 7sd87 firmware
- canonical/siemens siprotec 5 7sj82
- canonical/siemens 7sj85 firmware
- canonical/siemens 7sj86 firmware
- canonical/siemens 7sk82 firmware
- canonical/siemens 7sk85 firmware
- canonical/siemens 7sl82 firmware
- canonical/siemens 7sl86 firmware
- canonical/siemens 7sl87 firmware
- canonical/siemens 7ss85 firmware
- canonical/siemens 7um85 firmware
- canonical/siemens 7ut82 firmware
- canonical/siemens 7ut85 firmware
- canonical/siemens 7ut86 firmware
- canonical/siemens 7ut87 firmware
- canonical/siemens 7vk87