Vulnerabilities > CVE-2018-4850 - Unspecified vulnerability in Siemens Simatic S7-400 Firmware and Simatic S7-400H Firmware

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

siemens

NVD

Published: 2018-05-16

Updated: 2019-10-09

Summary

A vulnerability has been identified in SIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below (All versions), SIMATIC S7-400 (incl. F) CPU hardware version 5.0 (All firmware versions < V5.2), SIMATIC S7-400H CPU hardware version 4.5 and below (All versions). The affected CPUs improperly validate S7 communication packets which could cause a Denial-of-Service condition of the CPU. The CPU will remain in DEFECT mode until manual restart.

Vulnerable Configurations

Part	Description	Count
OS	Siemens Siemens Simatic S7 400 Firmware - Siemens Simatic S7 400 Firmware 4.0 Siemens Simatic S7 400H Firmware 4.5	3
Hardware	Siemens Siemens Simatic S7 400 - Siemens Simatic S7 400H -	2

Summary

Vulnerable Configurations

References