CVE-2018-4845

🗓️ 26 Jun 2018 18:00:00Reported by siemensType

CVE-2018-4845: Privilege escalation vulnerability in Siemens Healthineers RAPIDLab/RAPIDPoint system

Reporter	Title	Published	Views	Family All 6
CNVD	SIEMENS RAPIDLab 1200 and RAPIDPoint 400/500 Blood Gas Analyzers Elevation of Privilege Vulnerability	13 Jun 201800:00	–	cnvd
Cvelist	CVE-2018-4845	26 Jun 201818:00	–	cvelist
EUVD	EUVD-2018-16631	7 Oct 202500:30	–	euvd
NVD	CVE-2018-4845	26 Jun 201818:29	–	nvd
Prion	Security feature bypass	26 Jun 201818:29	–	prion
Positive Technologies	PT-2018-16564 · Siemens · Rapidpoint 500 +2	26 Jun 201800:00	–	ptsecurity

NVD

Node

siemens rapidpoint_400_firmwareMatch-

AND

siemens rapidpoint_400Match-

Node

siemens rapidpoint_500_firmwareRange≤2.3

siemens rapidpoint_500_firmwareRange3.0≥

AND

siemens rapidpoint_500Match-

Node

siemens rapidlab_1200_firmwareRange<3.3

AND

siemens rapidlab_1200Match-

[
  {
    "product": "RAPIDLab 1200 systems / RAPIDPoint 400 systems / RAPIDPoint 500 systems, RAPIDLab 1200 Series, RAPIDPoint 500 systems, RAPIDPoint 500 systems, RAPIDPoint 500 systems, RAPIDPoint 400 systems",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "RAPIDLab 1200 systems / RAPIDPoint 400 systems / RAPIDPoint 500 systems : All versions _without_ use of Siemens Healthineers Informatics products"
      },
      {
        "status": "affected",
        "version": "RAPIDLab 1200 Series : All versions < V3.3 _with_ Siemens Healthineers Informatics products"
      },
      {
        "status": "affected",
        "version": "RAPIDPoint 500 systems : All versions >= V3.0 _with_ Siemens Healthineers Informatics products"
      },
      {
        "status": "affected",
        "version": "RAPIDPoint 500 systems : V2.4.X _with_ Siemens Healthineers Informatics products"
      },
      {
        "status": "affected",
        "version": "RAPIDPoint 500 systems : All versions =< V2.3 _with_ Siemens Healthineers Informatics products"
      },
      {
        "status": "affected",
        "version": "RAPIDPoint 400 systems : All versions_with_ Siemens Healthineers Informatics products"
      }
    ]
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-755010.pdf

21 Nov 2024 04:07Current

8.2High risk

Vulners AI Score8.2

CVSS 26.5

CVSS 3.18.8

EPSS0.00497