CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-4834

A vulnerability has been identified in Desigo PXC00-E.D V4.10 (All versions < V4.10.111), Desigo PXC00-E.D V5.00 (All versions < V5.0.171), Desigo PXC00-E.D V5.10 (All versions < V5.10.69), Desigo PXC00-E.D V6.00 (All versions < V6.0.204), Desigo PXC00/64/128-U V4.10 (All versions < V4.10.111 only with web module), Desigo PXC00/64/128-U V5.00 (All versions < V5.0.171 only with web module), Desigo PXC00/64/128-U V5.10 (All versions < V5.10.69 only with web module), Desigo PXC00/64/128-U V6.00 (All versions < V6.0.204 only with web module), Desigo PXC001-E.D V4.10 (All versions < V4.10.111), Desigo PXC001-E.D V5.00 (All versions < V5.0.171), Desigo PXC001-E.D V5.10 (All versions < V5.10.69), Desigo PXC001-E.D V6.00 (All versions < V6.0.204), Desigo PXC100-E.D V4.10 (All versions < V4.10.111), Desigo PXC100-E.D V5.00 (All versions < V5.0.171), Desigo PXC100-E.D V5.10 (All versions < V5.10.69), Desigo PXC100-E.D V6.00 (All versions < V6.0.204), Desigo PXC12-E.D V4.10 (All versions < V4.10.111), Desigo PXC12-E.D V5.00 (All versions < V5.0.171), Desigo PXC12-E.D V5.10 (All versions < V5.10.69), Desigo PXC12-E.D V6.00 (All versions < V6.0.204), Desigo PXC200-E.D V4.10 (All versions < V4.10.111), Desigo PXC200-E.D V5.00 (All versions < V5.0.171), Desigo PXC200-E.D V5.10 (All versions < V5.10.69), Desigo PXC200-E.D V6.00 (All versions < V6.0.204), Desigo PXC22-E.D V4.10 (All versions < V4.10.111), Desigo PXC22-E.D V5.00 (All versions < V5.0.171), Desigo PXC22-E.D V5.10 (All versions < V5.10.69), Desigo PXC22-E.D V6.00 (All versions < V6.0.204), Desigo PXC22.1-E.D V4.10 (All versions < V4.10.111), Desigo PXC22.1-E.D V5.00 (All versions < V5.0.171), Desigo PXC22.1-E.D V5.10 (All versions < V5.10.69), Desigo PXC22.1-E.D V6.00 (All versions < V6.0.204), Desigo PXC36.1-E.D V4.10 (All versions < V4.10.111), Desigo PXC36.1-E.D V5.00 (All versions < V5.0.171), Desigo PXC36.1-E.D V5.10 (All versions < V5.10.69), Desigo PXC36.1-E.D V6.00 (All versions < V6.0.204), Desigo PXC50-E.D V4.10 (All versions < V4.10.111), Desigo PXC50-E.D V5.00 (All versions < V5.0.171), Desigo PXC50-E.D V5.10 (All versions < V5.10.69), Desigo PXC50-E.D V6.00 (All versions < V6.0.204), Desigo PXM20-E V4.10 (All versions < V4.10.111), Desigo PXM20-E V5.00 (All versions < V5.0.171), Desigo PXM20-E V5.10 (All versions < V5.10.69), Desigo PXM20-E V6.00 (All versions < V6.0.204). A remote attacker with network access to the device could potentially upload a new firmware image to the devices without prior authentication.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.016

EPSS Ranking 80.8%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

Products affected by CVE-2018-4834

Siemens » Pxc00/50/100/200-E.d » Version: N/A

cpe:2.3:h:siemens:pxc00/50/100/200-e.d:-
Siemens » Pxc00/64/128-U » Version: N/A

cpe:2.3:h:siemens:pxc00/64/128-u:-
Siemens » Pxc001-E.d » Version: N/A

cpe:2.3:h:siemens:pxc001-e.d:-
Siemens » Pxc12/22/36-E.d » Version: N/A

cpe:2.3:h:siemens:pxc12/22/36-e.d:-
Siemens » Pxm20-E » Version: N/A

cpe:2.3:h:siemens:pxm20-e:-
Siemens » Pxc00/50/100/200-E.d Firmware » Version: Any

cpe:2.3:o:siemens:pxc00/50/100/200-e.d_firmware:*
Siemens » Pxc00/64/128-U Firmware » Version: Any

cpe:2.3:o:siemens:pxc00/64/128-u_firmware:*
Siemens » Pxc001-E.d Firmware » Version: Any

cpe:2.3:o:siemens:pxc001-e.d_firmware:*
Siemens » Pxc12/22/36-E.d Firmware » Version: Any

cpe:2.3:o:siemens:pxc12/22/36-e.d_firmware:*
Siemens » Pxm20-E Firmware » Version: Any

cpe:2.3:o:siemens:pxm20-e_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-4834

Products

Pricing

Contact Us