CVE-2018-13801

CVE-2018-13801

Vendor Siemens Ag

Product ROX II

Weakness CWE-264

Published October 10, 2018

Last update September 16, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A vulnerability has been identified in ROX II (All versions < V2.12.1). An attacker with network access to port 22/tcp and valid low-privileged user credentials for the target device could perform a privilege escalation and gain root privileges. Successful exploitation requires user privileges of a low-privileged user but no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system.

Key dates

02Disclosure timeline

October 10, 2018 CVE published

September 16, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2018-13801

Related vulnerabilities

01Description

02Disclosure timeline

03References

04Related CVE