CVE-2018-4833: Input Validation
First published: Thu Jun 14 2018(Updated: )
A vulnerability has been identified in RFID 181EIP (All versions), RUGGEDCOM Win (V4.4, V4.5, V5.0, and V5.1), SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.3), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.4.1), SCALANCE X-200RNA switch family (All versions < V3.2.6), SCALANCE X-300 switch family (incl. SIPLUS NET variants) (All versions < V4.1.3), SCALANCE X408 (All versions < V4.1.3), SCALANCE X414 (All versions), SIMATIC RF182C (All versions). Unprivileged remote attackers located in the same local network segment (OSI Layer 2) could gain remote code execution on the affected products by sending a specially crafted DHCP response to a client's DHCP request.
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| siemens RFID 181-eip firmware | ||
| siemens RFID 181-eip | ||
| siemens RUGGEDCOM wimax firmware | =4.4 | |
| siemens RUGGEDCOM wimax firmware | =4.5 | |
| siemens RUGGEDCOM wimax | ||
| Siemens Scalance X-200 Firmware | <5.2.3 | |
| Siemens Scalance X200 | ||
| siemens SCALANCE x200irt firmware | <5.4.1 | |
| siemens SCALANCE x200irt | ||
| Siemens Scalance X204RNA EEC Firmware | ||
| Siemens Scalance X204RNA EEC | ||
| Siemens Scalance X-300 Firmware | ||
| Siemens Scalance X-300 Firmware | ||
| Siemens Scalance X408 | ||
| Siemens SCALANCE X408-2 | ||
| Siemens Scalance X414 | ||
| Siemens Scalance X414 Firmware | ||
| Siemens Simatic RF182C | ||
| Siemens SIMATIC RF182C (6GT2002-0JD10) |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of this vulnerability?
The vulnerability ID of this vulnerability is CVE-2018-4833.
Which products are affected by this vulnerability?
The products affected by this vulnerability include RFID 181EIP (All versions), RUGGEDCOM Win (V4.4, V4.5, V5.0, and V5.1), SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.3), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.4.1), SCALANCE X-200RNA.
What is the severity of CVE-2018-4833?
The severity of CVE-2018-4833 is high, with a severity value of 8.8.
How can I fix the vulnerability CVE-2018-4833?
To fix the vulnerability CVE-2018-4833, it is recommended to apply the necessary security patches provided by Siemens.
Where can I find more information about CVE-2018-4833?
You can find more information about CVE-2018-4833 in the Siemens ProductCERT advisory.
- agent/type
- agent/weakness
- agent/severity
- agent/author
- agent/references
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- vendor/siemens
- canonical/siemens rfid 181-eip firmware
- canonical/siemens rfid 181-eip
- canonical/siemens ruggedcom wimax firmware
- version/siemens ruggedcom wimax firmware/4.4
- version/siemens ruggedcom wimax firmware/4.5
- canonical/siemens ruggedcom wimax
- canonical/siemens scalance x-200 firmware
- canonical/siemens scalance x200
- canonical/siemens scalance x200irt firmware
- canonical/siemens scalance x200irt
- canonical/siemens scalance x204rna eec firmware
- canonical/siemens scalance x204rna eec
- canonical/siemens scalance x-300 firmware
- canonical/siemens scalance x408
- canonical/siemens scalance x408-2
- canonical/siemens scalance x414
- canonical/siemens scalance x414 firmware
- canonical/siemens simatic rf182c
- canonical/siemens simatic rf182c (6gt2002-0jd10)