What is the severity of CVE-2018-13801?

CVE-2018-13801 has a high severity due to the potential for privilege escalation upon successful exploitation.

How do I fix CVE-2018-13801?

To fix CVE-2018-13801, upgrade the Siemens ROX II Firmware to version 2.12.1 or later.

Who is affected by CVE-2018-13801?

CVE-2018-13801 affects all versions of Siemens ROX II Firmware prior to version 2.12.1.

What are the potential impacts of exploiting CVE-2018-13801?

Exploiting CVE-2018-13801 could allow an attacker to gain root privileges, leading to unauthorized control over the affected device.

What access is required to exploit CVE-2018-13801?

Exploitation of CVE-2018-13801 requires network access to port 22/tcp and valid low-privileged user credentials.

Vulnerability/
CVE-2018-13801

critical

CWE

269 264

9/10/2018

5/8/2024

CVE-2018-13801

First published: Tue Oct 09 2018(Updated: )

A vulnerability has been identified in ROX II (All versions < V2.12.1). An attacker with network access to port 22/tcp and valid low-privileged user credentials for the target device could perform a privilege escalation and gain root privileges. Successful exploitation requires user privileges of a low-privileged user but no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system.

Credit: productcert@siemens.com

Affected Software	Affected Version	How to fix
Siemens ROX II Firmware	<2.12.1
Siemens ROX

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2018-13801?
CVE-2018-13801 has a high severity due to the potential for privilege escalation upon successful exploitation.
How do I fix CVE-2018-13801?
To fix CVE-2018-13801, upgrade the Siemens ROX II Firmware to version 2.12.1 or later.
Who is affected by CVE-2018-13801?
CVE-2018-13801 affects all versions of Siemens ROX II Firmware prior to version 2.12.1.
What are the potential impacts of exploiting CVE-2018-13801?
Exploiting CVE-2018-13801 could allow an attacker to gain root privileges, leading to unauthorized control over the affected device.
What access is required to exploit CVE-2018-13801?
Exploitation of CVE-2018-13801 requires network access to port 22/tcp and valid low-privileged user credentials.

agent/weakness
agent/type
agent/severity
agent/references
agent/author
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/siemens
canonical/siemens rox ii firmware
canonical/siemens rox

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

Frequently Asked Questions

What is the severity of CVE-2018-13801?
CVE-2018-13801 has a high severity due to the potential for privilege escalation upon successful exploitation.
How do I fix CVE-2018-13801?
To fix CVE-2018-13801, upgrade the Siemens ROX II Firmware to version 2.12.1 or later.
Who is affected by CVE-2018-13801?
CVE-2018-13801 affects all versions of Siemens ROX II Firmware prior to version 2.12.1.
What are the potential impacts of exploiting CVE-2018-13801?
Exploiting CVE-2018-13801 could allow an attacker to gain root privileges, leading to unauthorized control over the affected device.
What access is required to exploit CVE-2018-13801?
Exploitation of CVE-2018-13801 requires network access to port 22/tcp and valid low-privileged user credentials.