Details of VAR-201810-0792

ID

VAR-201810-0792

CVE

CVE-2018-13802

TITLE

ROX II Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-013473

DESCRIPTION

A vulnerability has been identified in ROX II (All versions < V2.12.1). An authenticated attacker with a high-privileged user account access via SSH could circumvent restrictions in place and execute arbitrary operating system commands. Successful exploitation requires that the attacker has network access to the SSH interface in on port 22/tcp. The attacker must be authenticated to exploit the vulnerability. The vulnerability could allow an attacker to execute arbitrary code on the device. ROX II Contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The SIMATIC ROX II is a ROX-based VPN endpoint and firewall device for connecting devices that operate in harsh environments, such as power substations and traffic control cabinets. An attackers may exploit these issues to gain elevated privileges

Trust: 2.7

sources: NVD: CVE-2018-13802 // JVNDB: JVNDB-2018-013473 // CNVD: CNVD-2018-20533 // BID: 105545 // IVD: e2fccd00-39ab-11e9-9113-000c29342cb1 // VULMON: CVE-2018-13802

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: e2fccd00-39ab-11e9-9113-000c29342cb1 // CNVD: CNVD-2018-20533

AFFECTED PRODUCTS

vendor:	siemens	model:	rox ii	scope:	lt	version:	2.12.1	Trust: 1.0
vendor:	siemens	model:	rox ii	scope:	lt	version:	v2.12.1	Trust: 0.8
vendor:	siemens	model:	ruggedcom rugged operating system on linux ii	scope:	lt	version:	2.12.1	Trust: 0.8
vendor:	siemens	model:	rox ii	scope:	eq	version:	2.9.1	Trust: 0.3
vendor:	siemens	model:	rox ii	scope:	eq	version:	2.9	Trust: 0.3
vendor:	siemens	model:	rox ii	scope:	eq	version:	2.3	Trust: 0.3
vendor:	siemens	model:	rox ii	scope:	ne	version:	2.12.1	Trust: 0.3

sources: IVD: e2fccd00-39ab-11e9-9113-000c29342cb1 // CNVD: CNVD-2018-20533 // BID: 105545 // JVNDB: JVNDB-2018-013473 // NVD: CVE-2018-13802

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-13802
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-13802
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2018-20533
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201810-508
value:	HIGH
Trust: 0.6
IVD:	e2fccd00-39ab-11e9-9113-000c29342cb1
value:	HIGH
Trust: 0.2
VULMON:	CVE-2018-13802
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-13802
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2018-20533
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	e2fccd00-39ab-11e9-9113-000c29342cb1
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

nvd@nist.gov:	CVE-2018-13802
baseSeverity:	HIGH
baseScore:	7.2
vectorString:	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.2
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: IVD: e2fccd00-39ab-11e9-9113-000c29342cb1 // CNVD: CNVD-2018-20533 // VULMON: CVE-2018-13802 // JVNDB: JVNDB-2018-013473 // CNNVD: CNNVD-201810-508 // NVD: CVE-2018-13802

PROBLEMTYPE DATA

problemtype:	CWE-264	Trust: 1.0
problemtype:	CWE-269	Trust: 1.0
problemtype:	CWE-77	Trust: 0.8

sources: JVNDB: JVNDB-2018-013473 // NVD: CVE-2018-13802

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201810-508

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201810-508

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-013473

PATCH

title:	SSA-493830	url:	https://cert-portal.siemens.com/productcert/pdf/ssa-493830.pdf	Trust: 0.8
title:	Patch for SIEMENS ROX II Privilege Escalation Vulnerability (CNVD-2018-20533)	url:	https://www.cnvd.org.cn/patchInfo/show/141767	Trust: 0.6
title:	Siemens RuggedCom ROX II Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86139	Trust: 0.6

sources: CNVD: CNVD-2018-20533 // JVNDB: JVNDB-2018-013473 // CNNVD: CNNVD-201810-508

EXTERNAL IDS

db:	NVD	id:	CVE-2018-13802	Trust: 3.6
db:	ICS CERT	id:	ICSA-18-282-03	Trust: 2.8
db:	SIEMENS	id:	SSA-493830	Trust: 2.3
db:	BID	id:	105545	Trust: 2.0
db:	CNVD	id:	CNVD-2018-20533	Trust: 0.8
db:	CNNVD	id:	CNNVD-201810-508	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-013473	Trust: 0.8
db:	IVD	id:	E2FCCD00-39AB-11E9-9113-000C29342CB1	Trust: 0.2
db:	VULMON	id:	CVE-2018-13802	Trust: 0.1

sources: IVD: e2fccd00-39ab-11e9-9113-000c29342cb1 // CNVD: CNVD-2018-20533 // VULMON: CVE-2018-13802 // BID: 105545 // JVNDB: JVNDB-2018-013473 // CNNVD: CNNVD-201810-508 // NVD: CVE-2018-13802

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-18-282-03	Trust: 2.9
url:	https://cert-portal.siemens.com/productcert/pdf/ssa-493830.pdf	Trust: 2.3
url:	http://www.securityfocus.com/bid/105545	Trust: 1.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-13802	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-13802	Trust: 0.8
url:	http://www.siemens.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/269.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/151019	Trust: 0.1

sources: CNVD: CNVD-2018-20533 // VULMON: CVE-2018-13802 // BID: 105545 // JVNDB: JVNDB-2018-013473 // CNNVD: CNNVD-201810-508 // NVD: CVE-2018-13802

CREDITS

The vendor reported these issues.

Trust: 0.3

sources: BID: 105545

SOURCES

db:	IVD	id:	e2fccd00-39ab-11e9-9113-000c29342cb1
db:	CNVD	id:	CNVD-2018-20533
db:	VULMON	id:	CVE-2018-13802
db:	BID	id:	105545
db:	JVNDB	id:	JVNDB-2018-013473
db:	CNNVD	id:	CNNVD-201810-508
db:	NVD	id:	CVE-2018-13802

LAST UPDATE DATE

2024-11-23T22:12:18.753000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-20533	date:	2018-10-10T00:00:00
db:	VULMON	id:	CVE-2018-13802	date:	2019-10-09T00:00:00
db:	BID	id:	105545	date:	2018-10-09T00:00:00
db:	JVNDB	id:	JVNDB-2018-013473	date:	2019-02-21T00:00:00
db:	CNNVD	id:	CNNVD-201810-508	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-13802	date:	2024-11-21T03:48:04.793

SOURCES RELEASE DATE

db:	IVD	id:	e2fccd00-39ab-11e9-9113-000c29342cb1	date:	2018-10-10T00:00:00
db:	CNVD	id:	CNVD-2018-20533	date:	2018-10-10T00:00:00
db:	VULMON	id:	CVE-2018-13802	date:	2018-10-10T00:00:00
db:	BID	id:	105545	date:	2018-10-09T00:00:00
db:	JVNDB	id:	JVNDB-2018-013473	date:	2019-02-21T00:00:00
db:	CNNVD	id:	CNNVD-201810-508	date:	2018-10-11T00:00:00
db:	NVD	id:	CVE-2018-13802	date:	2018-10-10T17:29:04