What is the severity of CVE-2018-16559?

CVE-2018-16559 is classified as a high-severity vulnerability due to its potential to cause a Denial-of-Service condition.

How do I fix CVE-2018-16559?

To fix CVE-2018-16559, you should upgrade the affected Siemens SIMATIC S7-1500 firmware to a version that is V2.5 or higher.

What systems are affected by CVE-2018-16559?

CVE-2018-16559 affects Siemens SIMATIC S7-1500 CPUs with firmware versions between V2.0 and V2.5 and versions up to V1.8.5.

What type of attack does CVE-2018-16559 enable?

CVE-2018-16559 allows unauthenticated remote attackers to perform a Denial-of-Service attack via specially crafted network packets sent to port 80/tcp or 443/tcp.

Is it possible to exploit CVE-2018-16559 remotely?

Yes, CVE-2018-16559 can be exploited remotely by sending crafted network packets without requiring authentication.

Vulnerability/
CVE-2018-16559

high

7.8

CWE

17/4/2019

5/8/2024

CVE-2018-16559: Input Validation

First published: Wed Apr 17 2019(Updated: )

A vulnerability has been identified in SIMATIC S7-1500 CPU (All versions >= V2.0 and < V2.5), SIMATIC S7-1500 CPU (All versions <= V1.8.5). Specially crafted network packets sent to port 80/tcp or 443/tcp could allow an unauthenticated remote attacker to cause a Denial-of-Service condition of the device. The security vulnerability could be exploited by an attacker with network access to the affected systems on port 80/tcp or 443/tcp. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.

Credit: productcert@siemens.com

Affected Software	Affected Version	How to fix
Siemens S7-1500 Firmware	<=1.8.5
Siemens S7-1500 Firmware	>=2.0<2.5
Siemens Simatic S7-1500

Never miss a vulnerability like this again

Reference Links

https://cert-portal.siemens.com/productcert/pdf/ssa-180635.pdf

Frequently Asked Questions

What is the severity of CVE-2018-16559?
CVE-2018-16559 is classified as a high-severity vulnerability due to its potential to cause a Denial-of-Service condition.
How do I fix CVE-2018-16559?
To fix CVE-2018-16559, you should upgrade the affected Siemens SIMATIC S7-1500 firmware to a version that is V2.5 or higher.
What systems are affected by CVE-2018-16559?
CVE-2018-16559 affects Siemens SIMATIC S7-1500 CPUs with firmware versions between V2.0 and V2.5 and versions up to V1.8.5.
What type of attack does CVE-2018-16559 enable?
CVE-2018-16559 allows unauthenticated remote attackers to perform a Denial-of-Service attack via specially crafted network packets sent to port 80/tcp or 443/tcp.
Is it possible to exploit CVE-2018-16559 remotely?
Yes, CVE-2018-16559 can be exploited remotely by sending crafted network packets without requiring authentication.

agent/type
agent/weakness
agent/references
agent/severity
agent/author
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/siemens
canonical/siemens s7-1500 firmware
version/siemens s7-1500 firmware/1.8.5
version/siemens s7-1500 firmware/2.0
canonical/siemens simatic s7-1500

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.