CVE-2018-4858

Name of the Vulnerable Software and Affected Versions IEC 61850 system configurator versions prior to V5.80 DIGSI 5 versions prior to V7.80 DIGSI 4 versions prior to V4.93 SICAM PAS/PQS versions prior to V8.11 SICAM PQ Analyzer versions prior to V3.11 SICAM SCC versions prior to V9.02 HF3

Description A security issue has been identified that could allow an attacker to exfiltrate limited data or execute code with Microsoft Windows user permissions. This is possible because a service in the affected products listens on all network interfaces on ports 4884/TCP, 5885/TCP, or 5886/TCP. Successful exploitation requires a specially crafted network request and a user interacting with the service's client application. The attacker must also be able to plant code on the host in advance to execute arbitrary code. The impact on confidentiality and integrity is limited. No public exploitation was known at the time of advisory publication.

Recommendations For IEC 61850 system configurator versions prior to V5.80, update to version V5.80 or later. For DIGSI 5 versions prior to V7.80, update to version V7.80 or later. For DIGSI 4 versions prior to V4.93, update to version V4.93 or later. For SICAM PAS/PQS versions prior to V8.11, update to version V8.11 or later. For SICAM PQ Analyzer versions prior to V3.11, update to version V3.11 or later. For SICAM SCC versions prior to V9.02 HF3, update to version V9.02 HF3 or later.