VYPR
← All advisories
Unrated severityNVD Advisory· Published Mar 8, 2018· Updated Aug 5, 2024

CVE-2018-4839

CVE-2018-4839

Description

A vulnerability has been identified in DIGSI 4 (All versions < V4.92), EN100 Ethernet module DNP3 variant (All versions < V1.05.00), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.30), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions), Other SIPROTEC 4 relays (All versions), Other SIPROTEC Compact relays (All versions), SIPROTEC 4 7SD80 (All versions < V4.70), SIPROTEC 4 7SJ61 (All versions < V4.96), SIPROTEC 4 7SJ62 (All versions < V4.96), SIPROTEC 4 7SJ64 (All versions < V4.96), SIPROTEC 4 7SJ66 (All versions < V4.30), SIPROTEC Compact 7SJ80 (All versions < V4.77), SIPROTEC Compact 7SK80 (All versions < V4.77). An attacker with local access to the engineering system or in a privileged network position and able to obtain certain network traffic could possibly reconstruct access authorization passwords.

Affected products

18
  • Siemens Foundation/EN100 Ethernet module DNP3 variantllm-create
    Range: < V1.05.00
  • Siemens Foundation/SIPROTEC 4 7SD80llm-create
    Range: < V4.70
  • Siemens Foundation/DIGSI 4llm-fuzzy
    Range: < V4.92
  • Siemens/DIGSI 4v5
    Range: All versions < V4.92
  • Siemens/EN100 Ethernet module DNP3 variantv5
    Range: All versions < V1.05.00
  • Siemens/EN100 Ethernet module IEC 104 variantv5
    Range: All versions
  • Siemens/EN100 Ethernet module IEC 61850 variantv5
    Range: All versions < V4.30
  • Siemens/EN100 Ethernet module Modbus TCP variantv5
    Range: All versions
  • Siemens/EN100 Ethernet module PROFINET IO variantv5
    Range: All versions
  • Siemens/Other SIPROTEC 4 relaysv5
    Range: All versions
  • Siemens/Other SIPROTEC Compact relaysv5
    Range: All versions
  • Siemens/SIPROTEC 4 7SD80v5
    Range: All versions < V4.70
  • Siemens/SIPROTEC 4 7SJ61v5
    Range: All versions < V4.96
  • Siemens/SIPROTEC 4 7SJ62v5
    Range: All versions < V4.96
  • Siemens/SIPROTEC 4 7SJ64v5
    Range: All versions < V4.96
  • Siemens/SIPROTEC 4 7SJ66v5
    Range: All versions < V4.30
  • Siemens/SIPROTEC Compact 7SJ80v5
    Range: All versions < V4.77
  • Siemens/SIPROTEC Compact 7SK80v5
    Range: All versions < V4.77

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.