CVE-2018-11458

Name of the Vulnerable Software and Affected Versions SINUMERIK 828D V4.7 versions prior to V4.7 SP6 HF1 SINUMERIK 840D sl V4.7 versions prior to V4.7 SP6 HF5 SINUMERIK 840D sl V4.8 versions prior to V4.8 SP3

Description The issue is related to an integer overflow in the VNC server of the affected products. Exploitation of this issue could allow a remote attacker to execute arbitrary code with privileged permissions by sending specially crafted network requests to port 5900/tcp. This can be done without any privileges or user interaction, potentially compromising the confidentiality, integrity, and availability of the VNC server. The vulnerability is only exploitable if port 5900/tcp is manually opened in the firewall configuration.

Recommendations For SINUMERIK 828D V4.7 versions prior to V4.7 SP6 HF1, update to V4.7 SP6 HF1 or later. For SINUMERIK 840D sl V4.7 versions prior to V4.7 SP6 HF5, update to V4.7 SP6 HF5 or later. For SINUMERIK 840D sl V4.8 versions prior to V4.8 SP3, update to V4.8 SP3 or later. As a temporary workaround, consider restricting access to port 5900/tcp to minimize the risk of exploitation.