nessus | This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof. | TENABLE_OT_SIEMENS_CVE-2018-3639.NASL
History | Feb 07, 2022 - 12:00 a.m.

Siemens SIMATIC Spectre-NG Variants 3a and 4 (CVE-2018-3639)

2022-02-07 00:00:00
This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com

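Systems with microprocessors that use speculative execution, and that speculatively execute memory reads before the addresses of all prior memory writes are known, may allow unauthorized disclosure of information to an attacker with local user access via side-channel analysis. This issue is known as Speculative Store Bypass (SSB), Variant 4. Although the plugin title mentions Variants 3a and 4, this description and the referenced CVE-2018-3639 cover only Variant 4; Variant 3a (Rogue System Register Read) has its own CVE entry, which this plugin does not reference.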

This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

# Registration branch: when the engine loads the plugin with `description` set,
# only the metadata below is declared and the script exits (exit(0) at the end
# of this block) before any asset check runs.
if (description)
{
  script_id(500248);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/22");

  # Only CVE-2018-3639 is declared. script_name() below says "Variants 3a and 4",
  # but the description text covers Speculative Store Bypass (Variant 4) only.
  # NOTE(review): confirm whether Variant 3a is meant to be covered by this plugin.
  script_cve_id("CVE-2018-3639");
  # Cross-references to other advisories for the same CVE: CERT, Ubuntu (USN),
  # Red Hat (RHSA), Debian (DSA), openSUSE (SuSE) and one Exploit-DB entry.
  # None of these xref names is Siemens-specific; the Siemens advisories appear
  # only as see_also links further down.
  script_xref(name:"CERT", value:"TA18-141A");
  script_xref(name:"USN", value:"USN-3655-2");
  script_xref(name:"USN", value:"USN-3654-2");
  script_xref(name:"USN", value:"USN-3654-1");
  script_xref(name:"USN", value:"USN-3653-2");
  script_xref(name:"USN", value:"USN-3653-1");
  script_xref(name:"USN", value:"USN-3652-1");
  script_xref(name:"USN", value:"USN-3651-1");
  script_xref(name:"RHSA", value:"RHSA-2018:1660");
  script_xref(name:"RHSA", value:"RHSA-2018:1655");
  script_xref(name:"RHSA", value:"RHSA-2018:1647");
  script_xref(name:"RHSA", value:"RHSA-2018:1630");
  script_xref(name:"RHSA", value:"RHSA-2018:1690");
  script_xref(name:"RHSA", value:"RHSA-2018:1689");
  script_xref(name:"RHSA", value:"RHSA-2018:1688");
  script_xref(name:"RHSA", value:"RHSA-2018:1686");
  script_xref(name:"RHSA", value:"RHSA-2018:1676");
  script_xref(name:"RHSA", value:"RHSA-2018:1675");
  script_xref(name:"RHSA", value:"RHSA-2018:1674");
  script_xref(name:"RHSA", value:"RHSA-2018:1669");
  script_xref(name:"RHSA", value:"RHSA-2018:1668");
  script_xref(name:"RHSA", value:"RHSA-2018:1667");
  script_xref(name:"RHSA", value:"RHSA-2018:1666");
  script_xref(name:"RHSA", value:"RHSA-2018:1665");
  script_xref(name:"RHSA", value:"RHSA-2018:1664");
  script_xref(name:"RHSA", value:"RHSA-2018:1663");
  script_xref(name:"RHSA", value:"RHSA-2018:1662");
  script_xref(name:"RHSA", value:"RHSA-2018:1661");
  script_xref(name:"RHSA", value:"RHSA-2018:1659");
  script_xref(name:"RHSA", value:"RHSA-2018:1658");
  script_xref(name:"RHSA", value:"RHSA-2018:1657");
  script_xref(name:"RHSA", value:"RHSA-2018:1656");
  script_xref(name:"RHSA", value:"RHSA-2018:1654");
  script_xref(name:"RHSA", value:"RHSA-2018:1653");
  script_xref(name:"RHSA", value:"RHSA-2018:1652");
  script_xref(name:"RHSA", value:"RHSA-2018:1651");
  script_xref(name:"RHSA", value:"RHSA-2018:1650");
  script_xref(name:"RHSA", value:"RHSA-2018:1649");
  script_xref(name:"RHSA", value:"RHSA-2018:1648");
  script_xref(name:"RHSA", value:"RHSA-2018:1646");
  script_xref(name:"RHSA", value:"RHSA-2018:1645");
  script_xref(name:"RHSA", value:"RHSA-2018:1644");
  script_xref(name:"RHSA", value:"RHSA-2018:1643");
  script_xref(name:"RHSA", value:"RHSA-2018:1642");
  script_xref(name:"RHSA", value:"RHSA-2018:1636");
  script_xref(name:"RHSA", value:"RHSA-2018:1635");
  script_xref(name:"RHSA", value:"RHSA-2018:1633");
  script_xref(name:"RHSA", value:"RHSA-2018:1632");
  script_xref(name:"RHSA", value:"RHSA-2018:1629");
  script_xref(name:"EDB-ID", value:"44695");
  script_xref(name:"RHSA", value:"RHSA-2018:1711");
  script_xref(name:"RHSA", value:"RHSA-2018:1710");
  script_xref(name:"RHSA", value:"RHSA-2018:1696");
  script_xref(name:"DSA", value:"DSA-4210");
  script_xref(name:"USN", value:"USN-3655-1");
  script_xref(name:"RHSA", value:"RHSA-2018:1738");
  script_xref(name:"RHSA", value:"RHSA-2018:1737");
  script_xref(name:"RHSA", value:"RHSA-2018:1641");
  script_xref(name:"RHSA", value:"RHSA-2018:1640");
  script_xref(name:"RHSA", value:"RHSA-2018:1639");
  script_xref(name:"RHSA", value:"RHSA-2018:1638");
  script_xref(name:"RHSA", value:"RHSA-2018:1637");
  script_xref(name:"USN", value:"USN-3680-1");
  script_xref(name:"USN", value:"USN-3679-1");
  script_xref(name:"RHSA", value:"RHSA-2018:1826");
  script_xref(name:"RHSA", value:"RHSA-2018:1854");
  script_xref(name:"RHSA", value:"RHSA-2018:2006");
  script_xref(name:"RHSA", value:"RHSA-2018:2003");
  script_xref(name:"RHSA", value:"RHSA-2018:2001");
  script_xref(name:"RHSA", value:"RHSA-2018:1997");
  script_xref(name:"RHSA", value:"RHSA-2018:1967");
  script_xref(name:"RHSA", value:"RHSA-2018:1965");
  script_xref(name:"RHSA", value:"RHSA-2018:2060");
  script_xref(name:"RHSA", value:"RHSA-2018:2164");
  script_xref(name:"RHSA", value:"RHSA-2018:2162");
  script_xref(name:"RHSA", value:"RHSA-2018:2161");
  script_xref(name:"RHSA", value:"RHSA-2018:2172");
  script_xref(name:"RHSA", value:"RHSA-2018:2171");
  script_xref(name:"RHSA", value:"RHSA-2018:2216");
  script_xref(name:"RHSA", value:"RHSA-2018:2228");
  script_xref(name:"RHSA", value:"RHSA-2018:2250");
  script_xref(name:"RHSA", value:"RHSA-2018:2246");
  script_xref(name:"RHSA", value:"RHSA-2018:2258");
  script_xref(name:"RHSA", value:"RHSA-2018:2289");
  script_xref(name:"RHSA", value:"RHSA-2018:2328");
  script_xref(name:"RHSA", value:"RHSA-2018:2309");
  script_xref(name:"RHSA", value:"RHSA-2018:2364");
  script_xref(name:"RHSA", value:"RHSA-2018:2363");
  script_xref(name:"RHSA", value:"RHSA-2018:2396");
  script_xref(name:"RHSA", value:"RHSA-2018:2394");
  script_xref(name:"RHSA", value:"RHSA-2018:2387");
  script_xref(name:"DSA", value:"DSA-4273");
  script_xref(name:"USN", value:"USN-3756-1");
  script_xref(name:"USN", value:"USN-3777-3");
  script_xref(name:"RHSA", value:"RHSA-2018:3425");
  script_xref(name:"RHSA", value:"RHSA-2018:3424");
  script_xref(name:"RHSA", value:"RHSA-2018:3423");
  script_xref(name:"RHSA", value:"RHSA-2018:3407");
  script_xref(name:"RHSA", value:"RHSA-2018:3402");
  script_xref(name:"RHSA", value:"RHSA-2018:3401");
  script_xref(name:"RHSA", value:"RHSA-2018:3400");
  script_xref(name:"RHSA", value:"RHSA-2018:3399");
  script_xref(name:"RHSA", value:"RHSA-2018:3398");
  script_xref(name:"RHSA", value:"RHSA-2018:3397");
  script_xref(name:"RHSA", value:"RHSA-2018:3396");
  script_xref(name:"RHSA", value:"RHSA-2018:2948");
  script_xref(name:"RHSA", value:"RHSA-2019:0148");
  script_xref(name:"RHSA", value:"RHSA-2019:1046");
  script_xref(name:"SuSE", value:"openSUSE-SU-2019:1439");
  script_xref(name:"SuSE", value:"openSUSE-SU-2019:1438");
  script_xref(name:"SuSE", value:"openSUSE-SU-2020:1325");

  # The title names "Variants 3a and 4"; see the note at script_cve_id() above.
  script_name(english:"Siemens SIMATIC Spectre-NG Variants 3a and 4 (CVE-2018-3639)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  # Text shown to the user. It states the attacker needs local user access and
  # that the impact is information disclosure through a side channel.
  script_set_attribute(attribute:"description", value:
"Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the
addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with
local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.  

This plugin only works
with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.");
  # Reference links. Where a http://www.nessus.org/u?... short link is used, the
  # full target URL is kept in the comment line directly above it.
  # The Siemens-specific entries are the three cert-portal.siemens.com PDFs
  # (ssa-268644, ssa-505225, ssa-608355); the rest point to other vendors.
  script_set_attribute(attribute:"see_also", value:"https://www.us-cert.gov/ncas/alerts/TA18-141A");
  # https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?c2acd2ee");
  script_set_attribute(attribute:"see_also", value:"https://www.synology.com/support/security/Synology_SA_18_23");
  script_set_attribute(attribute:"see_also", value:"https://www.kb.cert.org/vuls/id/180049");
  script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3655-2/");
  script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3654-2/");
  script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3654-1/");
  script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3653-2/");
  script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3653-1/");
  script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3652-1/");
  script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3651-1/");
  # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?fc974ba6");
  script_set_attribute(attribute:"see_also", value:"https://support.citrix.com/article/CTX235225");
  script_set_attribute(attribute:"see_also", value:"https://security.netapp.com/advisory/ntap-20180521-0001/");
  # https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?36d8913e");
  # https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?c89c164f");
  script_set_attribute(attribute:"see_also", value:"https://bugs.chromium.org/p/project-zero/issues/detail?id=1528");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1660");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1655");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1647");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1630");
  script_set_attribute(attribute:"see_also", value:"http://xenbits.xen.org/xsa/advisory-263.html");
  script_set_attribute(attribute:"see_also", value:"http://www.securitytracker.com/id/1040949");
  script_set_attribute(attribute:"see_also", value:"http://support.lenovo.com/us/en/solutions/LEN-22133");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1690");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1689");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1688");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1686");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1676");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1675");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1674");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1669");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1668");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1667");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1666");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1665");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1664");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1663");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1662");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1661");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1659");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1658");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1657");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1656");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1654");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1653");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1652");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1651");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1650");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1649");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1648");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1646");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1645");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1644");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1643");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1642");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1636");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1635");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1633");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1632");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1629");
  script_set_attribute(attribute:"see_also", value:"http://www.securityfocus.com/bid/104232");
  script_set_attribute(attribute:"see_also", value:"https://www.exploit-db.com/exploits/44695/");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1711");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1710");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1696");
  script_set_attribute(attribute:"see_also", value:"https://www.debian.org/security/2018/dsa-4210");
  script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3655-1/");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1738");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1737");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1641");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1640");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1639");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1638");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1637");
  # http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ab57ba47");
  script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3680-1/");
  script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3679-1/");
  # https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03850en_us
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?abd55666");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1826");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1854");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2006");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2003");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2001");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1997");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1967");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1965");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2060");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2164");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2162");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2161");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2172");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2171");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2216");
  script_set_attribute(attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2228");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2250");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2246");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2258");
  script_set_attribute(attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2289");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2328");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2309");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2364");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2363");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2396");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2394");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2387");
  script_set_attribute(attribute:"see_also", value:"https://www.debian.org/security/2018/dsa-4273");
  script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3756-1/");
  script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf");
  script_set_attribute(attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html");
  script_set_attribute(attribute:"see_also", value:"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004");
  script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3777-3/");
  # https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?23319717");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3425");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3424");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3423");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3407");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3402");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3401");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3400");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3399");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3398");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3397");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3396");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2948");
  script_set_attribute(attribute:"see_also", value:"http://www.securitytracker.com/id/1042004");
  # https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?148b2157");
  # https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?799b2d05");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2019:0148");
  script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf");
  script_set_attribute(attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html");
  script_set_attribute(attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html");
  script_set_attribute(attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html");
  script_set_attribute(attribute:"see_also", value:"https://nvidia.custhelp.com/app/answers/detail/a_id/4787");
  # https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?c34fd747");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2019:1046");
  # http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?9073d091");
  # http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ccb7a56c");
  script_set_attribute(attribute:"see_also", value:"https://seclists.org/bugtraq/2019/Jun/36");
  script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf");
  script_set_attribute(attribute:"see_also", value:"http://www.openwall.com/lists/oss-security/2020/06/10/1");
  script_set_attribute(attribute:"see_also", value:"http://www.openwall.com/lists/oss-security/2020/06/10/2");
  script_set_attribute(attribute:"see_also", value:"http://www.openwall.com/lists/oss-security/2020/06/10/5");
  script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/security-alerts/cpujul2020.html");
  # http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d5299d44");
  # The solution text does not say which advisory applies or which firmware to
  # install. Of the links above, the cert-portal.siemens.com PDFs are the
  # Siemens ones.
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  # Both base vectors are local-access (AV:L) with confidentiality-only impact
  # (C:P in v2, C:H in v3; I:N and A:N in both), which matches the local
  # side-channel disclosure in the description. The temporal vectors record
  # proof-of-concept exploit maturity (E:POC / E:P) and an official fix
  # (RL:OF / RL:O).
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-3639");

  # Presumably backed by the EDB-ID xref and the exploit-db.com link above.
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  # CWE-203: Observable Discrepancy.
  script_cwe_id(203);

  # NOTE(review): the patch date equals the disclosure date, so it is presumably
  # taken from the CVE record and not from the release of the fixed Siemens
  # firmware - confirm before using it for patch-latency reporting.
  script_set_attribute(attribute:"vuln_publication_date", value:"2018/05/22");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/05/22");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/02/07");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  # The same two firmware CPEs are the keys of vuln_cpes in the check section
  # that follows this block.
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_et_200_sp_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_firmware");
  script_end_attributes();

  # Declared as an information-gathering check in the Tenable.ot family.
  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  # Requires the KB key Tenable.ot/Siemens, presumably set by the
  # tenable_ot_api_integration.nasl dependency - confirm against that script.
  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Siemens");

  # End of registration: nothing after this block runs in description mode.
  exit(0);
}


include('tenable_ot_cve_funcs.inc');

# Check phase. Nothing in this file probes the device itself: the result comes
# from the asset record returned by Tenable.ot and the comparison helper, so a
# finding means "firmware version in the listed range", not "mitigation state
# verified on the CPU".

# Stop unless the KB holds the Tenable.ot/Siemens key required by this plugin.
get_kb_item_or_exit('Tenable.ot/Siemens');

# Firmware CPEs this plugin reports on. The field name suggests versions below
# 2.6 are treated as affected and that "family" narrows the match to one device
# family - NOTE(review): confirm both in tenable_ot_cve_funcs.inc.
var affected_firmware = {
    "cpe:/o:siemens:simatic_et_200_sp_firmware" : {"versionEndExcluding" : "2.6", "family" : "ET200"},
    "cpe:/o:siemens:simatic_s7-1500_firmware" : {"versionEndExcluding" : "2.6", "family" : "S71500"}
};

# Asset data for the Siemens vendor, as supplied by the Tenable.ot library.
var siemens_asset = tenable_ot::assets::get(vendor:'Siemens');

# Reported at the SECURITY_NOTE level (not SECURITY_WARNING or SECURITY_HOLE).
# NOTE(review): confirm this is the intended level for the CVSS vectors declared
# in the metadata block.
tenable_ot::cve::compare_and_report(
    asset:siemens_asset,
    cpes:affected_firmware,
    severity:SECURITY_NOTE
);
Vendor | Product | Version | CPE
siemens | simatic_s7-1500_firmware | - | cpe:/o:siemens:simatic_s7-1500_firmware
siemens | simatic_et_200_sp_firmware | - | cpe:/o:siemens:simatic_et_200_sp_firmware

References