Details of VAR-201806-1771

ID

VAR-201806-1771

CVE

CVE-2018-4845

TITLE

RAPIDLab and RAPIDPoint Vulnerabilities related to authorization, permissions, and access control

Trust: 0.8

sources: JVNDB: JVNDB-2018-007631

DESCRIPTION

A vulnerability has been identified in RAPIDLab 1200 systems / RAPIDPoint 400 systems / RAPIDPoint 500 systems (All versions_without_ use of Siemens Healthineers Informatics products), RAPIDLab 1200 Series (All versions < V3.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions >= V3.0 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (V2.4.X_with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions =< V2.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 400 systems (All versions _with_ Siemens Healthineers Informatics products). Remote attackers with either local or remote credentialed access to the "Remote View" feature might be able to elevate their privileges, compromising confidentiality, integrity, and availability of the system. No special skills or user interaction are required to perform this attack. At the time of advisory publication, no public exploitation of this security vulnerability is known. Siemens Healthineers confirms the security vulnerability and provides mitigations to resolve the security issue. RAPIDLab and RAPIDPoint Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The RAPIDLab 1200 system is a cartridge-based blood gas, electrolyte and metabolite analyzer designed for medium to large capacity clinical laboratories. The RAPIDPoint 400/405/500 system is a cassette analyzer based on blood gases, electrolytes and metabolites designed for use in a care setting environment. SIEMENS RAPIDLab 1200 and RAPIDPoint 400/500 Blood Gas Analyzers have elevated permissions vulnerabilities. Siemens RAPIDLab 1200 systems is an intensive care solution with blood and respiratory monitoring functions. RAPIDPoint 400 systems and RAPIDPoint 500 systems are different series of solutions for the clinical analysis of blood electrolytes, glucose, hematocrit and neonatal bilirubin

Trust: 2.43

sources: NVD: CVE-2018-4845 // JVNDB: JVNDB-2018-007631 // CNVD: CNVD-2018-11405 // IVD: e2f3a540-39ab-11e9-8022-000c29342cb1 // VULHUB: VHN-134876

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: e2f3a540-39ab-11e9-8022-000c29342cb1 // CNVD: CNVD-2018-11405

AFFECTED PRODUCTS

vendor:	siemens	model:	rapidpoint 400	scope:	eq	version:	-	Trust: 1.6
vendor:	siemens	model:	rapidpoint 500	scope:	lte	version:	2.3	Trust: 1.0
vendor:	siemens	model:	rapidpoint 500	scope:	gte	version:	3.0	Trust: 1.0
vendor:	siemens	model:	rapidlab 1200	scope:	lt	version:	3.3	Trust: 1.0
vendor:	siemens	model:	rapidlab 1200	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	rapidpoint 400	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	rapidpoint 500	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	rapidlab systems	scope:	eq	version:	1200	Trust: 0.6
vendor:	siemens	model:	rapidpoint systems	scope:	eq	version:	400	Trust: 0.6
vendor:	siemens	model:	rapidpoint systems	scope:	eq	version:	500>=v3.0	Trust: 0.6
vendor:	siemens	model:	rapidpoint systems	scope:	eq	version:	500v2.4.*	Trust: 0.6
vendor:	siemens	model:	rapidpoint systems	scope:	eq	version:	500<=v2.3	Trust: 0.6
vendor:	siemens	model:	rapidlab series	scope:	eq	version:	1200<v3.3	Trust: 0.6
vendor:	siemens	model:	rapidpoint 500	scope:	eq	version:	2.3	Trust: 0.6
vendor:	rapidpoint 500	model:	-	scope:	eq	version:	*	Trust: 0.4
vendor:	rapidpoint 400	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	rapidlab 1200	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: e2f3a540-39ab-11e9-8022-000c29342cb1 // CNVD: CNVD-2018-11405 // JVNDB: JVNDB-2018-007631 // CNNVD: CNNVD-201806-877 // NVD: CVE-2018-4845

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-4845
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-4845
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2018-11405
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201806-877
value:	HIGH
Trust: 0.6
IVD:	e2f3a540-39ab-11e9-8022-000c29342cb1
value:	HIGH
Trust: 0.2
VULHUB:	VHN-134876
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2018-4845
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-11405
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	e2f3a540-39ab-11e9-8022-000c29342cb1
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-134876
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-4845
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2018-4845
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: IVD: e2f3a540-39ab-11e9-8022-000c29342cb1 // CNVD: CNVD-2018-11405 // VULHUB: VHN-134876 // JVNDB: JVNDB-2018-007631 // CNNVD: CNNVD-201806-877 // NVD: CVE-2018-4845

PROBLEMTYPE DATA

problemtype:	CWE-269	Trust: 1.1
problemtype:	CWE-284	Trust: 1.0
problemtype:	CWE-264	Trust: 0.9

sources: VULHUB: VHN-134876 // JVNDB: JVNDB-2018-007631 // NVD: CVE-2018-4845

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201806-877

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-201806-877

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-007631

PATCH

title:	SSA-755010	url:	https://cert-portal.siemens.com/productcert/pdf/ssa-755010.pdf	Trust: 0.8
title:	SIEMENS RAPIDLab 1200 and RAPIDPoint 400/500 Blood Gas Analyzers Patch for Enhancing Permission Vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/131877	Trust: 0.6
title:	Siemens RAPIDLab 1200 systems , RAPIDPoint 400 systems and RAPIDPoint 500 systems Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80925	Trust: 0.6

sources: CNVD: CNVD-2018-11405 // JVNDB: JVNDB-2018-007631 // CNNVD: CNNVD-201806-877

EXTERNAL IDS

db:	NVD	id:	CVE-2018-4845	Trust: 3.3
db:	SIEMENS	id:	SSA-755010	Trust: 2.3
db:	CNNVD	id:	CNNVD-201806-877	Trust: 0.9
db:	CNVD	id:	CNVD-2018-11405	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-007631	Trust: 0.8
db:	IVD	id:	E2F3A540-39AB-11E9-8022-000C29342CB1	Trust: 0.2
db:	VULHUB	id:	VHN-134876	Trust: 0.1

sources: IVD: e2f3a540-39ab-11e9-8022-000c29342cb1 // CNVD: CNVD-2018-11405 // VULHUB: VHN-134876 // JVNDB: JVNDB-2018-007631 // CNNVD: CNNVD-201806-877 // NVD: CVE-2018-4845

REFERENCES

url:	https://cert-portal.siemens.com/productcert/pdf/ssa-755010.pdf	Trust: 2.3
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4845	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4845	Trust: 0.8

sources: CNVD: CNVD-2018-11405 // VULHUB: VHN-134876 // JVNDB: JVNDB-2018-007631 // CNNVD: CNNVD-201806-877 // NVD: CVE-2018-4845

SOURCES

db:	IVD	id:	e2f3a540-39ab-11e9-8022-000c29342cb1
db:	CNVD	id:	CNVD-2018-11405
db:	VULHUB	id:	VHN-134876
db:	JVNDB	id:	JVNDB-2018-007631
db:	CNNVD	id:	CNNVD-201806-877
db:	NVD	id:	CVE-2018-4845

LAST UPDATE DATE

2024-11-23T22:41:48.825000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-11405	date:	2018-06-13T00:00:00
db:	VULHUB	id:	VHN-134876	date:	2019-10-09T00:00:00
db:	JVNDB	id:	JVNDB-2018-007631	date:	2018-09-20T00:00:00
db:	CNNVD	id:	CNNVD-201806-877	date:	2022-03-21T00:00:00
db:	NVD	id:	CVE-2018-4845	date:	2024-11-21T04:07:34.380

SOURCES RELEASE DATE

db:	IVD	id:	e2f3a540-39ab-11e9-8022-000c29342cb1	date:	2018-06-13T00:00:00
db:	CNVD	id:	CNVD-2018-11405	date:	2018-06-13T00:00:00
db:	VULHUB	id:	VHN-134876	date:	2018-06-26T00:00:00
db:	JVNDB	id:	JVNDB-2018-007631	date:	2018-09-20T00:00:00
db:	CNNVD	id:	CNNVD-201806-877	date:	2018-06-13T00:00:00
db:	NVD	id:	CVE-2018-4845	date:	2018-06-26T18:29:00.807