CVE-2018-13801
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-13801
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability has been identified in ROX II (All versions < V2.12.1). An attacker with network access to port 22/tcp and valid low-privileged user credentials for the target device could perform a privilege escalation and gain root privileges. Successful exploitation requires user privileges of a low-privileged user but no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
权限、特权和访问控制
Source: NVD (National Vulnerability Database)
Vulnerability Title
Siemens RuggedCom ROX II 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Siemens RuggedCom ROX II是德国西门子(Siemens)公司的一套用于RuggedCom系列交换机中的操作系统。 Siemens RuggedCom ROX II 2.12.1之前版本中存在安全漏洞。攻击者可通过访问22/tcp端口及有效的低权限用户凭证利用该漏洞提升权限至root,影响系统的保密性、完整性和可用性。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Siemens AG | ROX II | All versions < V2.12.1 | - |
II. Public POCs for CVE-2018-13801
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-13801
请登录查看更多情报信息。
- https://ics-cert.us-cert.gov/advisories/ICSA-18-282-03x_refsource_MISC
- SSA-493830 (Last Update: 2018-10-09): Privilege Escalation in ROX IIx_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2018-13801
Same Patch Batch · Siemens AG · 2018-10-10 · 4 CVEs total
| CVE-2018-13800 | Siemens SIMATIC S7-1200 CPU family 跨站请求伪造漏洞 | |
| CVE-2018-13802 | Siemens RuggedCom ROX II 安全漏洞 | |
| CVE-2018-13805 | 多款Siemens产品安全漏洞 |
IV. Related Vulnerabilities
Same product: ROX II
V. Comments for CVE-2018-13801
No comments yet