Details of VAR-201812-0342

ID

VAR-201812-0342

CVE

CVE-2018-13811

TITLE

Siemens SIMATIC STEP 7 Information Disclosure Vulnerability

Trust: 0.8

sources: IVD: 7d808752-463f-11e9-9fb8-000c29342cb1 // CNVD: CNVD-2018-25291

DESCRIPTION

A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) (All Versions < V15.1). Password hashes with insufficient computational effort could allow an attacker to access to a project file and reconstruct passwords. The vulnerability could be exploited by an attacker with local access to the project file. No user interaction is required to exploit the vulnerability. The vulnerability could allow the attacker to obtain certain passwords from the project. At the time of advisory publication no public exploitation of this vulnerability was known. Siemens SIMATIC STEP 7 (TIA Portal) is a set of programming software for SIMATIC controllers from Siemens AG, Germany. The software provides PLC programming, design option packages and advanced drive technology

Trust: 2.61

sources: NVD: CVE-2018-13811 // JVNDB: JVNDB-2018-014498 // CNVD: CNVD-2018-25291 // BID: 105926 // IVD: 7d808752-463f-11e9-9fb8-000c29342cb1

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: 7d808752-463f-11e9-9fb8-000c29342cb1 // CNVD: CNVD-2018-25291

AFFECTED PRODUCTS

vendor:	siemens	model:	simatic step 7 \	scope:	lt	version:	15.1	Trust: 1.0
vendor:	siemens	model:	simatic step 7	scope:	lt	version:	15.1	Trust: 0.8
vendor:	siemens	model:	simatic step	scope:	eq	version:	7<15.1	Trust: 0.6
vendor:	siemens	model:	simatic step tia portal	scope:	eq	version:	7v14	Trust: 0.3
vendor:	siemens	model:	simatic step tia portal	scope:	eq	version:	7v13	Trust: 0.3
vendor:	siemens	model:	simatic step tia portal	scope:	eq	version:	7v12	Trust: 0.3
vendor:	siemens	model:	simatic step	scope:	eq	version:	7v15	Trust: 0.3
vendor:	siemens	model:	simatic step	scope:	eq	version:	7v11	Trust: 0.3
vendor:	siemens	model:	simatic step	scope:	eq	version:	7v10	Trust: 0.3
vendor:	siemens	model:	simatic step	scope:	ne	version:	7v15.1	Trust: 0.3
vendor:	simatic step 7 tia portal	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: 7d808752-463f-11e9-9fb8-000c29342cb1 // CNVD: CNVD-2018-25291 // BID: 105926 // JVNDB: JVNDB-2018-014498 // NVD: CVE-2018-13811

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-13811
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2018-13811
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2018-25291
value:	LOW
Trust: 0.6
CNNVD:	CNNVD-201811-485
value:	MEDIUM
Trust: 0.6
IVD:	7d808752-463f-11e9-9fb8-000c29342cb1
value:	MEDIUM
Trust: 0.2

nvd@nist.gov:	CVE-2018-13811
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-25291
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	7d808752-463f-11e9-9fb8-000c29342cb1
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

nvd@nist.gov:	CVE-2018-13811
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	1.8
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: IVD: 7d808752-463f-11e9-9fb8-000c29342cb1 // CNVD: CNVD-2018-25291 // JVNDB: JVNDB-2018-014498 // CNNVD: CNNVD-201811-485 // NVD: CVE-2018-13811

PROBLEMTYPE DATA

problemtype:	CWE-200	Trust: 1.8
problemtype:	CWE-916	Trust: 1.0

sources: JVNDB: JVNDB-2018-014498 // NVD: CVE-2018-13811

THREAT TYPE

local

Trust: 0.9

sources: BID: 105926 // CNNVD: CNNVD-201811-485

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201811-485

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-014498

PATCH

title:	SSA-621493	url:	https://cert-portal.siemens.com/productcert/pdf/ssa-621493.pdf	Trust: 0.8
title:	Patch for Siemens SIMATIC STEP 7 Information Disclosure Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/147101	Trust: 0.6
title:	Siemens SIMATIC STEP 7 Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86886	Trust: 0.6

sources: CNVD: CNVD-2018-25291 // JVNDB: JVNDB-2018-014498 // CNNVD: CNNVD-201811-485

EXTERNAL IDS

db:	NVD	id:	CVE-2018-13811	Trust: 3.5
db:	ICS CERT	id:	ICSA-18-317-06	Trust: 2.3
db:	BID	id:	105926	Trust: 1.9
db:	SIEMENS	id:	SSA-621493	Trust: 1.6
db:	CNVD	id:	CNVD-2018-25291	Trust: 0.8
db:	CNNVD	id:	CNNVD-201811-485	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-014498	Trust: 0.8
db:	IVD	id:	7D808752-463F-11E9-9FB8-000C29342CB1	Trust: 0.2

sources: IVD: 7d808752-463f-11e9-9fb8-000c29342cb1 // CNVD: CNVD-2018-25291 // BID: 105926 // JVNDB: JVNDB-2018-014498 // CNNVD: CNNVD-201811-485 // NVD: CVE-2018-13811

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-18-317-06	Trust: 2.3
url:	https://cert-portal.siemens.com/productcert/pdf/ssa-621493.pdf	Trust: 1.6
url:	http://www.securityfocus.com/bid/105926	Trust: 1.6
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-13811	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-13811	Trust: 0.8
url:	http://www.industry.siemens.com/topics/global/en/tia-portal/controller-sw-tia-portal/simatic-step7-basic-tia-portal/pages/default.aspx	Trust: 0.3

sources: CNVD: CNVD-2018-25291 // BID: 105926 // JVNDB: JVNDB-2018-014498 // CNNVD: CNNVD-201811-485 // NVD: CVE-2018-13811

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 105926

SOURCES

db:	IVD	id:	7d808752-463f-11e9-9fb8-000c29342cb1
db:	CNVD	id:	CNVD-2018-25291
db:	BID	id:	105926
db:	JVNDB	id:	JVNDB-2018-014498
db:	CNNVD	id:	CNNVD-201811-485
db:	NVD	id:	CVE-2018-13811

LAST UPDATE DATE

2024-11-23T23:11:57.230000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-25291	date:	2018-12-14T00:00:00
db:	BID	id:	105926	date:	2018-11-13T00:00:00
db:	JVNDB	id:	JVNDB-2018-014498	date:	2019-03-29T00:00:00
db:	CNNVD	id:	CNNVD-201811-485	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-13811	date:	2024-11-21T03:48:07.027

SOURCES RELEASE DATE

db:	IVD	id:	7d808752-463f-11e9-9fb8-000c29342cb1	date:	2018-12-14T00:00:00
db:	CNVD	id:	CNVD-2018-25291	date:	2018-12-13T00:00:00
db:	BID	id:	105926	date:	2018-11-13T00:00:00
db:	JVNDB	id:	JVNDB-2018-014498	date:	2019-03-25T00:00:00
db:	CNNVD	id:	CNNVD-201811-485	date:	2018-11-15T00:00:00
db:	NVD	id:	CVE-2018-13811	date:	2018-12-13T16:29:00.257