Sign-up

ID

VAR-201810-0791


CVE

CVE-2018-13801


TITLE

ROX II Vulnerabilities related to authorization, permissions, and access control

Trust: 0.8

sources: JVNDB: JVNDB-2018-013474

DESCRIPTION

A vulnerability has been identified in ROX II (All versions < V2.12.1). An attacker with network access to port 22/tcp and valid low-privileged user credentials for the target device could perform a privilege escalation and gain root privileges. Successful exploitation requires user privileges of a low-privileged user but no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system. ROX II Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The SIMATIC ROX II is a ROX-based VPN endpoint and firewall device for connecting devices that operate in harsh environments, such as power substations and traffic control cabinets. An attackers may exploit these issues to gain elevated privileges

Trust: 2.61

sources: NVD: CVE-2018-13801 // JVNDB: JVNDB-2018-013474 // CNVD: CNVD-2018-20532 // BID: 105545 // IVD: e2fccd01-39ab-11e9-8acd-000c29342cb1

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: e2fccd01-39ab-11e9-8acd-000c29342cb1 // CNVD: CNVD-2018-20532

AFFECTED PRODUCTS

vendor:siemensmodel:rox iiscope:ltversion:2.12.1

Trust: 1.0

vendor:siemensmodel:rox iiscope:ltversion:v2.12.1

Trust: 0.8

vendor:siemensmodel:ruggedcom rugged operating system on linux iiscope:ltversion:2.12.1

Trust: 0.8

vendor:siemensmodel:rox iiscope:eqversion:2.9.1

Trust: 0.3

vendor:siemensmodel:rox iiscope:eqversion:2.9

Trust: 0.3

vendor:siemensmodel:rox iiscope:eqversion:2.3

Trust: 0.3

vendor:siemensmodel:rox iiscope:neversion:2.12.1

Trust: 0.3

sources: IVD: e2fccd01-39ab-11e9-8acd-000c29342cb1 // CNVD: CNVD-2018-20532 // BID: 105545 // JVNDB: JVNDB-2018-013474 // NVD: CVE-2018-13801

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-13801
value: HIGH

Trust: 1.0

NVD: CVE-2018-13801
value: HIGH

Trust: 0.8

CNVD: CNVD-2018-20532
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201810-507
value: HIGH

Trust: 0.6

IVD: e2fccd01-39ab-11e9-8acd-000c29342cb1
value: HIGH

Trust: 0.2

nvd@nist.gov: CVE-2018-13801
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2018-20532
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: e2fccd01-39ab-11e9-8acd-000c29342cb1
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

nvd@nist.gov: CVE-2018-13801
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: IVD: e2fccd01-39ab-11e9-8acd-000c29342cb1 // CNVD: CNVD-2018-20532 // JVNDB: JVNDB-2018-013474 // CNNVD: CNNVD-201810-507 // NVD: CVE-2018-13801

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.8

problemtype:CWE-269

Trust: 1.0

sources: JVNDB: JVNDB-2018-013474 // NVD: CVE-2018-13801

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201810-507

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-201810-507

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-013474

PATCH
title:SSA-493830url:https://cert-portal.siemens.com/productcert/pdf/ssa-493830.pdf
Trust: 0.8
title:Patch for SIEMENS ROX II Privilege Escalation Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/141759
Trust: 0.6
title:Siemens RuggedCom ROX II Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86138
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2018-20532 // 
            
            
            
            JVNDB: JVNDB-2018-013474 // 
            
            
            
            CNNVD: CNNVD-201810-507

EXTERNAL IDS
db:NVDid:CVE-2018-13801
Trust: 3.5
db:ICS CERTid:ICSA-18-282-03
Trust: 2.7
db:SIEMENSid:SSA-493830
Trust: 2.2
db:BIDid:105545
Trust: 1.9
db:CNVDid:CNVD-2018-20532
Trust: 0.8
db:CNNVDid:CNNVD-201810-507
Trust: 0.8
db:JVNDBid:JVNDB-2018-013474
Trust: 0.8
db:IVDid:E2FCCD01-39AB-11E9-8ACD-000C29342CB1
Trust: 0.2
sources:
            
            
            IVD: e2fccd01-39ab-11e9-8acd-000c29342cb1 // 
            
            
            
            CNVD: CNVD-2018-20532 // 
            
            
            
            BID: 105545 // 
            
            
            
            JVNDB: JVNDB-2018-013474 // 
            
            
            
            CNNVD: CNNVD-201810-507 // 
            
            
            
            NVD: CVE-2018-13801

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-18-282-03
Trust: 2.7
url:https://cert-portal.siemens.com/productcert/pdf/ssa-493830.pdf
Trust: 2.2
url:http://www.securityfocus.com/bid/105545
Trust: 1.6
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-13801
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-13801
Trust: 0.8
url:http://www.siemens.com/
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2018-20532 // 
            
            
            
            BID: 105545 // 
            
            
            
            JVNDB: JVNDB-2018-013474 // 
            
            
            
            CNNVD: CNNVD-201810-507 // 
            
            
            
            NVD: CVE-2018-13801

CREDITS
The vendor reported these issues.
Trust: 0.3
sources:
            
            
            BID: 105545

SOURCES
db:IVDid:e2fccd01-39ab-11e9-8acd-000c29342cb1
db:CNVDid:CNVD-2018-20532
db:BIDid:105545
db:JVNDBid:JVNDB-2018-013474
db:CNNVDid:CNNVD-201810-507
db:NVDid:CVE-2018-13801

LAST UPDATE DATE
2024-11-23T22:12:18.792000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2018-20532date:2018-10-10T00:00:00
db:BIDid:105545date:2018-10-09T00:00:00
db:JVNDBid:JVNDB-2018-013474date:2019-02-21T00:00:00
db:CNNVDid:CNNVD-201810-507date:2019-10-17T00:00:00
db:NVDid:CVE-2018-13801date:2024-11-21T03:48:04.607

SOURCES RELEASE DATE
db:IVDid:e2fccd01-39ab-11e9-8acd-000c29342cb1date:2018-10-10T00:00:00
db:CNVDid:CNVD-2018-20532date:2018-10-10T00:00:00
db:BIDid:105545date:2018-10-09T00:00:00
db:JVNDBid:JVNDB-2018-013474date:2019-02-21T00:00:00
db:CNNVDid:CNNVD-201810-507date:2018-10-11T00:00:00
db:NVDid:CVE-2018-13801date:2018-10-10T17:29:03.827