{"containers": {"cna": {"affected": [{"product": "RFID 181EIP", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions"}]}, {"product": "RUGGEDCOM Win", "vendor": "Siemens", "versions": [{"status": "affected", "version": "V4.4, V4.5, V5.0, and V5.1"}]}, {"product": "SCALANCE X-200 switch family (incl. SIPLUS NET variants)", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V5.2.3"}]}, {"product": "SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V5.4.1"}]}, {"product": "SCALANCE X-200RNA switch family", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.2.6"}]}, {"product": "SCALANCE X-300 switch family (incl. SIPLUS NET variants)", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V4.1.3"}]}, {"product": "SCALANCE X408", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V4.1.3"}]}, {"product": "SCALANCE X414", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions"}]}, {"product": "SIMATIC RF182C", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions"}]}], "datePublic": "2018-06-12T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in RFID 181EIP (All versions), RUGGEDCOM Win (V4.4, V4.5, V5.0, and V5.1), SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.3), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.4.1), SCALANCE X-200RNA switch family (All versions < V3.2.6), SCALANCE X-300 switch family (incl. SIPLUS NET variants) (All versions < V4.1.3), SCALANCE X408 (All versions < V4.1.3), SCALANCE X414 (All versions), SIMATIC RF182C (All versions). Unprivileged remote attackers located in the same local network segment (OSI Layer 2) could gain remote code execution on the affected products by sending a specially crafted DHCP response to a client's DHCP request."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-12-14T21:05:17", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-181018.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "productcert@siemens.com", "ID": "CVE-2018-4833", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "RFID 181EIP", "version": {"version_data": [{"version_value": "All versions"}]}}, {"product_name": "RUGGEDCOM Win", "version": {"version_data": [{"version_value": "V4.4, V4.5, V5.0, and V5.1"}]}}, {"product_name": "SCALANCE X-200 switch family (incl. SIPLUS NET variants)", "version": {"version_data": [{"version_value": "All versions < V5.2.3"}]}}, {"product_name": "SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)", "version": {"version_data": [{"version_value": "All versions < V5.4.1"}]}}, {"product_name": "SCALANCE X-200RNA switch family", "version": {"version_data": [{"version_value": "All versions < V3.2.6"}]}}, {"product_name": "SCALANCE X-300 switch family (incl. SIPLUS NET variants)", "version": {"version_data": [{"version_value": "All versions < V4.1.3"}]}}, {"product_name": "SCALANCE X408", "version": {"version_data": [{"version_value": "All versions < V4.1.3"}]}}, {"product_name": "SCALANCE X414", "version": {"version_data": [{"version_value": "All versions"}]}}, {"product_name": "SIMATIC RF182C", "version": {"version_data": [{"version_value": "All versions"}]}}]}, "vendor_name": "Siemens"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability has been identified in RFID 181EIP (All versions), RUGGEDCOM Win (V4.4, V4.5, V5.0, and V5.1), SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.3), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.4.1), SCALANCE X-200RNA switch family (All versions < V3.2.6), SCALANCE X-300 switch family (incl. SIPLUS NET variants) (All versions < V4.1.3), SCALANCE X408 (All versions < V4.1.3), SCALANCE X414 (All versions), SIMATIC RF182C (All versions). Unprivileged remote attackers located in the same local network segment (OSI Layer 2) could gain remote code execution on the affected products by sending a specially crafted DHCP response to a client's DHCP request."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-122: Heap-based Buffer Overflow"}]}]}, "references": {"reference_data": [{"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-181018.pdf", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-181018.pdf"}]}}}}, "cveMetadata": {"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2018-4833", "datePublished": "2018-06-14T16:00:00", "dateReserved": "2018-01-02T00:00:00", "dateUpdated": "2020-12-14T21:05:17", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:rfid_181-eip_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9BD1CF0F-8773-458A-B895-AD7C28BE95B8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:rfid_181-eip:-:*:*:*:*:*:*:*", "matchCriteriaId": "D6E564B5-8196-46CA-8F31-3D8220C06144", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:ruggedcom_wimax_firmware:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "DAD0FAEE-28AE-4B56-AAFF-46BEF95D8686", "vulnerable": true}, {"criteria": "cpe:2.3:o:siemens:ruggedcom_wimax_firmware:4.5:*:*:*:*:*:*:*", "matchCriteriaId": "77A98129-42ED-41BE-94D7-93AB6EDB9E1B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:ruggedcom_wimax:-:*:*:*:*:*:*:*", "matchCriteriaId": "88B2BEB2-4A91-4EF1-8541-C2EBB79CCA1F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x200_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "82699DAE-653E-4892-AABE-BD7EB0D08224", "versionEndExcluding": "5.2.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x200:-:*:*:*:*:*:*:*", "matchCriteriaId": "A59C91EA-5D1B-4970-8C36-BD76BA420B12", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x200irt_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7AA7D616-B6B3-4883-9EC2-ED08C8F22D99", "versionEndExcluding": "5.4.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x200irt:-:*:*:*:*:*:*:*", "matchCriteriaId": "B4201AF3-421F-4FD2-9449-2D89D2194250", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x204rna_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "233B6B4C-1EB6-47AB-8485-7BB585641407", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x204rna:-:*:*:*:*:*:*:*", "matchCriteriaId": "EA8B483F-0FD2-49F8-A86A-672A6E007949", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x300_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "6E05BF7A-928C-4BF3-963F-7168037DFD51", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x300:-:*:*:*:*:*:*:*", "matchCriteriaId": "E3F6299B-D7E3-4750-B016-7DCBC83C2287", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x408_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C003438B-9750-42D9-8DAE-93506BC023C7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x408:-:*:*:*:*:*:*:*", "matchCriteriaId": "47F713E4-4B75-476E-BC21-92CA10198AE9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_x414_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4EDB94AE-1ADF-468A-93BB-7DC0A2086AC2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_x414:-:*:*:*:*:*:*:*", "matchCriteriaId": "7E4C1BEF-D6B4-4260-9AC5-6F903EF6F4B1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_rf182c_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "029686AF-F3F7-4A61-8DD0-22B9D357C614", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_rf182c:-:*:*:*:*:*:*:*", "matchCriteriaId": "7540DAD9-2AAC-46A9-B1C5-BB1AC4FCE710", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in RFID 181EIP (All versions), RUGGEDCOM Win (V4.4, V4.5, V5.0, and V5.1), SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.3), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.4.1), SCALANCE X-200RNA switch family (All versions < V3.2.6), SCALANCE X-300 switch family (incl. SIPLUS NET variants) (All versions < V4.1.3), SCALANCE X408 (All versions < V4.1.3), SCALANCE X414 (All versions), SIMATIC RF182C (All versions). Unprivileged remote attackers located in the same local network segment (OSI Layer 2) could gain remote code execution on the affected products by sending a specially crafted DHCP response to a client's DHCP request."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en RFID 181-EIP (Todas las versiones), RUGGEDCOM Win (V4.4, V4.5, V5.0, and V5.1), familia de switches SCALANCE X-200 (incluidas las variantes SIPLUS NET) (Todas las versiones anteriores a la V5.2.3), familia de switches SCALANCE X-200IRT (incluidas las variantes SIPLUS NET) (Todas las versiones anteriores a V5.4.1), familia de switches SCALANCE X-200RNA (Todas las versiones anteriores a la V3.2.6), familia de switches SCALANCE X-300 (incluidas las variantes SIPLUS NET) (Todas las versiones anteriores a la V4.1.3), SCALANCE X408 (Todas las versiones anteriores a la V4.1.3), SCALANCE X414 (Todas las versiones), SIMATIC RF182C (Todas las versiones). Los atacantes remotos no privilegiados ubicados en el mismo segmento de red local (capa 2 de OSI) podr\u00edan obtener la ejecuci\u00f3n remota de c\u00f3digo en los productos afectados enviando una respuesta DHCP especialmente dise\u00f1ada a la solicitud DHCP de un cliente."}], "id": "CVE-2018-4833", "lastModified": "2020-12-14T21:15:13.660", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-06-14T16:29:00.333", "references": [{"source": "productcert@siemens.com", "tags": ["Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-181018.pdf"}], "sourceIdentifier": "productcert@siemens.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-122"}], "source": "productcert@siemens.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{}