What is the severity of CVE-2018-4846?

CVE-2018-4846 has been assessed to have a high severity due to unauthorized access risks.

How do I fix CVE-2018-4846?

To fix CVE-2018-4846, update the affected RAPIDLab and RAPIDPoint systems to the latest firmware versions provided by Siemens.

Which systems are affected by CVE-2018-4846?

CVE-2018-4846 affects RAPIDLab 1200 systems, RAPIDPoint 400 systems, and RAPIDPoint 500 systems under certain conditions.

What types of vulnerabilities does CVE-2018-4846 include?

CVE-2018-4846 includes unauthorized access vulnerabilities that could compromise system security.

Is there a patch available for CVE-2018-4846?

Yes, Siemens has released a patch that addresses CVE-2018-4846 for the affected systems.

Vulnerability/
CVE-2018-4846

critical

CWE

798

26/6/2018

17/9/2024

CVE-2018-4846

First published: Tue Jun 26 2018(Updated: )

A vulnerability has been identified in RAPIDLab 1200 systems / RAPIDPoint 400 systems / RAPIDPoint 500 systems (All versions_without_ use of Siemens Healthineers Informatics products), RAPIDLab 1200 Series (All versions < V3.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions >= V3.0 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (V2.4.X_with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions =< V2.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 400 systems (All versions _with_ Siemens Healthineers Informatics products). A factory account with hardcoded password might allow attackers access to the device over port 5900/tcp. Successful exploitation requires no user interaction or privileges and impacts the confidentiality, integrity, and availability of the affected device. At the time of advisory publication, no public exploitation of this security vulnerability is known. Siemens Healthineers confirms the security vulnerability and provides mitigations to resolve the security issue.

Credit: productcert@siemens.com

Affected Software	Affected Version	How to fix
Siemens Rapidpoint 400 Firmware
Siemens Rapidpoint 400
Siemens Rapidpoint 500 Firmware	<=2.3
Siemens Rapidpoint 500 Firmware	>=3.0
Siemens Rapidpoint 500
Siemens Rapidlab 1200 Firmware	<3.3
Siemens Rapidlab 1200

Never miss a vulnerability like this again

Reference Links

https://cert-portal.siemens.com/productcert/pdf/ssa-755010.pdf

Frequently Asked Questions

What is the severity of CVE-2018-4846?
CVE-2018-4846 has been assessed to have a high severity due to unauthorized access risks.
How do I fix CVE-2018-4846?
To fix CVE-2018-4846, update the affected RAPIDLab and RAPIDPoint systems to the latest firmware versions provided by Siemens.
Which systems are affected by CVE-2018-4846?
CVE-2018-4846 affects RAPIDLab 1200 systems, RAPIDPoint 400 systems, and RAPIDPoint 500 systems under certain conditions.
What types of vulnerabilities does CVE-2018-4846 include?
CVE-2018-4846 includes unauthorized access vulnerabilities that could compromise system security.
Is there a patch available for CVE-2018-4846?
Yes, Siemens has released a patch that addresses CVE-2018-4846 for the affected systems.

collector/nvd-index
agent/type
agent/softwarecombine
agent/author
agent/references
agent/weakness
agent/severity
agent/tags
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
vendor/siemens
canonical/siemens rapidpoint 400 firmware
canonical/siemens rapidpoint 400
canonical/siemens rapidpoint 500 firmware
version/siemens rapidpoint 500 firmware/2.3
version/siemens rapidpoint 500 firmware/3.0
canonical/siemens rapidpoint 500
canonical/siemens rapidlab 1200 firmware
canonical/siemens rapidlab 1200

Frequently Asked Questions

What is the severity of CVE-2018-4846?
CVE-2018-4846 has been assessed to have a high severity due to unauthorized access risks.
How do I fix CVE-2018-4846?
To fix CVE-2018-4846, update the affected RAPIDLab and RAPIDPoint systems to the latest firmware versions provided by Siemens.
Which systems are affected by CVE-2018-4846?
CVE-2018-4846 affects RAPIDLab 1200 systems, RAPIDPoint 400 systems, and RAPIDPoint 500 systems under certain conditions.
What types of vulnerabilities does CVE-2018-4846 include?
CVE-2018-4846 includes unauthorized access vulnerabilities that could compromise system security.
Is there a patch available for CVE-2018-4846?
Yes, Siemens has released a patch that addresses CVE-2018-4846 for the affected systems.

CVE-2018-4846

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2018-4846?

How do I fix CVE-2018-4846?

Which systems are affected by CVE-2018-4846?

What types of vulnerabilities does CVE-2018-4846 include?

Is there a patch available for CVE-2018-4846?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2018-4846?

How do I fix CVE-2018-4846?

Which systems are affected by CVE-2018-4846?

What types of vulnerabilities does CVE-2018-4846 include?

Is there a patch available for CVE-2018-4846?