CVSS2
Attack Vector: LOCAL
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence: High
EPSS
Percentile: 65.2%
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(500248);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/22");
script_cve_id("CVE-2018-3639");
script_xref(name:"CERT", value:"TA18-141A");
script_xref(name:"USN", value:"USN-3655-2");
script_xref(name:"USN", value:"USN-3654-2");
script_xref(name:"USN", value:"USN-3654-1");
script_xref(name:"USN", value:"USN-3653-2");
script_xref(name:"USN", value:"USN-3653-1");
script_xref(name:"USN", value:"USN-3652-1");
script_xref(name:"USN", value:"USN-3651-1");
script_xref(name:"RHSA", value:"RHSA-2018:1660");
script_xref(name:"RHSA", value:"RHSA-2018:1655");
script_xref(name:"RHSA", value:"RHSA-2018:1647");
script_xref(name:"RHSA", value:"RHSA-2018:1630");
script_xref(name:"RHSA", value:"RHSA-2018:1690");
script_xref(name:"RHSA", value:"RHSA-2018:1689");
script_xref(name:"RHSA", value:"RHSA-2018:1688");
script_xref(name:"RHSA", value:"RHSA-2018:1686");
script_xref(name:"RHSA", value:"RHSA-2018:1676");
script_xref(name:"RHSA", value:"RHSA-2018:1675");
script_xref(name:"RHSA", value:"RHSA-2018:1674");
script_xref(name:"RHSA", value:"RHSA-2018:1669");
script_xref(name:"RHSA", value:"RHSA-2018:1668");
script_xref(name:"RHSA", value:"RHSA-2018:1667");
script_xref(name:"RHSA", value:"RHSA-2018:1666");
script_xref(name:"RHSA", value:"RHSA-2018:1665");
script_xref(name:"RHSA", value:"RHSA-2018:1664");
script_xref(name:"RHSA", value:"RHSA-2018:1663");
script_xref(name:"RHSA", value:"RHSA-2018:1662");
script_xref(name:"RHSA", value:"RHSA-2018:1661");
script_xref(name:"RHSA", value:"RHSA-2018:1659");
script_xref(name:"RHSA", value:"RHSA-2018:1658");
script_xref(name:"RHSA", value:"RHSA-2018:1657");
script_xref(name:"RHSA", value:"RHSA-2018:1656");
script_xref(name:"RHSA", value:"RHSA-2018:1654");
script_xref(name:"RHSA", value:"RHSA-2018:1653");
script_xref(name:"RHSA", value:"RHSA-2018:1652");
script_xref(name:"RHSA", value:"RHSA-2018:1651");
script_xref(name:"RHSA", value:"RHSA-2018:1650");
script_xref(name:"RHSA", value:"RHSA-2018:1649");
script_xref(name:"RHSA", value:"RHSA-2018:1648");
script_xref(name:"RHSA", value:"RHSA-2018:1646");
script_xref(name:"RHSA", value:"RHSA-2018:1645");
script_xref(name:"RHSA", value:"RHSA-2018:1644");
script_xref(name:"RHSA", value:"RHSA-2018:1643");
script_xref(name:"RHSA", value:"RHSA-2018:1642");
script_xref(name:"RHSA", value:"RHSA-2018:1636");
script_xref(name:"RHSA", value:"RHSA-2018:1635");
script_xref(name:"RHSA", value:"RHSA-2018:1633");
script_xref(name:"RHSA", value:"RHSA-2018:1632");
script_xref(name:"RHSA", value:"RHSA-2018:1629");
script_xref(name:"EDB-ID", value:"44695");
script_xref(name:"RHSA", value:"RHSA-2018:1711");
script_xref(name:"RHSA", value:"RHSA-2018:1710");
script_xref(name:"RHSA", value:"RHSA-2018:1696");
script_xref(name:"DSA", value:"DSA-4210");
script_xref(name:"USN", value:"USN-3655-1");
script_xref(name:"RHSA", value:"RHSA-2018:1738");
script_xref(name:"RHSA", value:"RHSA-2018:1737");
script_xref(name:"RHSA", value:"RHSA-2018:1641");
script_xref(name:"RHSA", value:"RHSA-2018:1640");
script_xref(name:"RHSA", value:"RHSA-2018:1639");
script_xref(name:"RHSA", value:"RHSA-2018:1638");
script_xref(name:"RHSA", value:"RHSA-2018:1637");
script_xref(name:"USN", value:"USN-3680-1");
script_xref(name:"USN", value:"USN-3679-1");
script_xref(name:"RHSA", value:"RHSA-2018:1826");
script_xref(name:"RHSA", value:"RHSA-2018:1854");
script_xref(name:"RHSA", value:"RHSA-2018:2006");
script_xref(name:"RHSA", value:"RHSA-2018:2003");
script_xref(name:"RHSA", value:"RHSA-2018:2001");
script_xref(name:"RHSA", value:"RHSA-2018:1997");
script_xref(name:"RHSA", value:"RHSA-2018:1967");
script_xref(name:"RHSA", value:"RHSA-2018:1965");
script_xref(name:"RHSA", value:"RHSA-2018:2060");
script_xref(name:"RHSA", value:"RHSA-2018:2164");
script_xref(name:"RHSA", value:"RHSA-2018:2162");
script_xref(name:"RHSA", value:"RHSA-2018:2161");
script_xref(name:"RHSA", value:"RHSA-2018:2172");
script_xref(name:"RHSA", value:"RHSA-2018:2171");
script_xref(name:"RHSA", value:"RHSA-2018:2216");
script_xref(name:"RHSA", value:"RHSA-2018:2228");
script_xref(name:"RHSA", value:"RHSA-2018:2250");
script_xref(name:"RHSA", value:"RHSA-2018:2246");
script_xref(name:"RHSA", value:"RHSA-2018:2258");
script_xref(name:"RHSA", value:"RHSA-2018:2289");
script_xref(name:"RHSA", value:"RHSA-2018:2328");
script_xref(name:"RHSA", value:"RHSA-2018:2309");
script_xref(name:"RHSA", value:"RHSA-2018:2364");
script_xref(name:"RHSA", value:"RHSA-2018:2363");
script_xref(name:"RHSA", value:"RHSA-2018:2396");
script_xref(name:"RHSA", value:"RHSA-2018:2394");
script_xref(name:"RHSA", value:"RHSA-2018:2387");
script_xref(name:"DSA", value:"DSA-4273");
script_xref(name:"USN", value:"USN-3756-1");
script_xref(name:"USN", value:"USN-3777-3");
script_xref(name:"RHSA", value:"RHSA-2018:3425");
script_xref(name:"RHSA", value:"RHSA-2018:3424");
script_xref(name:"RHSA", value:"RHSA-2018:3423");
script_xref(name:"RHSA", value:"RHSA-2018:3407");
script_xref(name:"RHSA", value:"RHSA-2018:3402");
script_xref(name:"RHSA", value:"RHSA-2018:3401");
script_xref(name:"RHSA", value:"RHSA-2018:3400");
script_xref(name:"RHSA", value:"RHSA-2018:3399");
script_xref(name:"RHSA", value:"RHSA-2018:3398");
script_xref(name:"RHSA", value:"RHSA-2018:3397");
script_xref(name:"RHSA", value:"RHSA-2018:3396");
script_xref(name:"RHSA", value:"RHSA-2018:2948");
script_xref(name:"RHSA", value:"RHSA-2019:0148");
script_xref(name:"RHSA", value:"RHSA-2019:1046");
script_xref(name:"SuSE", value:"openSUSE-SU-2019:1439");
script_xref(name:"SuSE", value:"openSUSE-SU-2019:1438");
script_xref(name:"SuSE", value:"openSUSE-SU-2020:1325");
script_name(english:"Siemens SIMATIC Spectre-NG Variants 3a and 4 (CVE-2018-3639)");
script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
script_set_attribute(attribute:"description", value:
"Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the
addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with
local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
This plugin only works
with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.");
script_set_attribute(attribute:"see_also", value:"https://www.us-cert.gov/ncas/alerts/TA18-141A");
# https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?c2acd2ee");
script_set_attribute(attribute:"see_also", value:"https://www.synology.com/support/security/Synology_SA_18_23");
script_set_attribute(attribute:"see_also", value:"https://www.kb.cert.org/vuls/id/180049");
script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3655-2/");
script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3654-2/");
script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3654-1/");
script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3653-2/");
script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3653-1/");
script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3652-1/");
script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3651-1/");
# https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?fc974ba6");
script_set_attribute(attribute:"see_also", value:"https://support.citrix.com/article/CTX235225");
script_set_attribute(attribute:"see_also", value:"https://security.netapp.com/advisory/ntap-20180521-0001/");
# https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?36d8913e");
# https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?c89c164f");
script_set_attribute(attribute:"see_also", value:"https://bugs.chromium.org/p/project-zero/issues/detail?id=1528");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1660");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1655");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1647");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1630");
script_set_attribute(attribute:"see_also", value:"http://xenbits.xen.org/xsa/advisory-263.html");
script_set_attribute(attribute:"see_also", value:"http://www.securitytracker.com/id/1040949");
script_set_attribute(attribute:"see_also", value:"http://support.lenovo.com/us/en/solutions/LEN-22133");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1690");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1689");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1688");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1686");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1676");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1675");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1674");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1669");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1668");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1667");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1666");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1665");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1664");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1663");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1662");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1661");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1659");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1658");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1657");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1656");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1654");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1653");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1652");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1651");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1650");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1649");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1648");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1646");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1645");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1644");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1643");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1642");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1636");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1635");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1633");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1632");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1629");
script_set_attribute(attribute:"see_also", value:"http://www.securityfocus.com/bid/104232");
script_set_attribute(attribute:"see_also", value:"https://www.exploit-db.com/exploits/44695/");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1711");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1710");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1696");
script_set_attribute(attribute:"see_also", value:"https://www.debian.org/security/2018/dsa-4210");
script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3655-1/");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1738");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1737");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1641");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1640");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1639");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1638");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1637");
# http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ab57ba47");
script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3680-1/");
script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3679-1/");
# https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03850en_us
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?abd55666");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1826");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1854");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2006");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2003");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2001");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1997");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1967");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1965");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2060");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2164");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2162");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2161");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2172");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2171");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2216");
script_set_attribute(attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2228");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2250");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2246");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2258");
script_set_attribute(attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2289");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2328");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2309");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2364");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2363");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2396");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2394");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2387");
script_set_attribute(attribute:"see_also", value:"https://www.debian.org/security/2018/dsa-4273");
script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3756-1/");
script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf");
script_set_attribute(attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html");
script_set_attribute(attribute:"see_also", value:"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004");
script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3777-3/");
# https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?23319717");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3425");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3424");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3423");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3407");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3402");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3401");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3400");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3399");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3398");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3397");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3396");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2948");
script_set_attribute(attribute:"see_also", value:"http://www.securitytracker.com/id/1042004");
# https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?148b2157");
# https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?799b2d05");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2019:0148");
script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf");
script_set_attribute(attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html");
script_set_attribute(attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html");
script_set_attribute(attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html");
script_set_attribute(attribute:"see_also", value:"https://nvidia.custhelp.com/app/answers/detail/a_id/4787");
# https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?c34fd747");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2019:1046");
# http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?9073d091");
# http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ccb7a56c");
script_set_attribute(attribute:"see_also", value:"https://seclists.org/bugtraq/2019/Jun/36");
script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf");
script_set_attribute(attribute:"see_also", value:"http://www.openwall.com/lists/oss-security/2020/06/10/1");
script_set_attribute(attribute:"see_also", value:"http://www.openwall.com/lists/oss-security/2020/06/10/2");
script_set_attribute(attribute:"see_also", value:"http://www.openwall.com/lists/oss-security/2020/06/10/5");
script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/security-alerts/cpujul2020.html");
# http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d5299d44");
script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-3639");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_cwe_id(203);
script_set_attribute(attribute:"vuln_publication_date", value:"2018/05/22");
script_set_attribute(attribute:"patch_publication_date", value:"2018/05/22");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/02/07");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_et_200_sp_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_firmware");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Tenable.ot");
script_copyright(english:"This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("tenable_ot_api_integration.nasl");
script_require_keys("Tenable.ot/Siemens");
exit(0);
}
include('tenable_ot_cve_funcs.inc');
get_kb_item_or_exit('Tenable.ot/Siemens');
var asset = tenable_ot::assets::get(vendor:'Siemens');
var vuln_cpes = {
  "cpe:/o:siemens:simatic_et_200_sp_firmware" :
    {"versionEndExcluding" : "2.6", "family" : "ET200"},
  "cpe:/o:siemens:simatic_s7-1500_firmware" :
    {"versionEndExcluding" : "2.6", "family" : "S71500"}
};
tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_NOTE);