{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-02T08:44:04.868","vulnerabilities":[{"cve":{"id":"CVE-2018-4834","sourceIdentifier":"productcert@siemens.com","published":"2018-01-24T16:29:00.233","lastModified":"2024-11-21T04:07:32.887","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been identified in Desigo PXC00-E.D V4.10 (All versions < V4.10.111), Desigo PXC00-E.D V5.00 (All versions < V5.0.171), Desigo PXC00-E.D V5.10 (All versions < V5.10.69), Desigo PXC00-E.D V6.00 (All versions < V6.0.204), Desigo PXC00/64/128-U V4.10 (All versions < V4.10.111 only with web module), Desigo PXC00/64/128-U V5.00 (All versions < V5.0.171 only with web module), Desigo PXC00/64/128-U V5.10 (All versions < V5.10.69 only with web module), Desigo PXC00/64/128-U V6.00 (All versions < V6.0.204 only with web module), Desigo PXC001-E.D V4.10 (All versions < V4.10.111), Desigo PXC001-E.D V5.00 (All versions < V5.0.171), Desigo PXC001-E.D V5.10 (All versions < V5.10.69), Desigo PXC001-E.D V6.00 (All versions < V6.0.204), Desigo PXC100-E.D V4.10 (All versions < V4.10.111), Desigo PXC100-E.D V5.00 (All versions < V5.0.171), Desigo PXC100-E.D V5.10 (All versions < V5.10.69), Desigo PXC100-E.D V6.00 (All versions < V6.0.204), Desigo PXC12-E.D V4.10 (All versions < V4.10.111), Desigo PXC12-E.D V5.00 (All versions < V5.0.171), Desigo PXC12-E.D V5.10 (All versions < V5.10.69), Desigo PXC12-E.D V6.00 (All versions < V6.0.204), Desigo PXC200-E.D V4.10 (All versions < V4.10.111), Desigo PXC200-E.D V5.00 (All versions < V5.0.171), Desigo PXC200-E.D V5.10 (All versions < V5.10.69), Desigo PXC200-E.D V6.00 (All versions < V6.0.204), Desigo PXC22-E.D V4.10 (All versions < V4.10.111), Desigo PXC22-E.D V5.00 (All versions < V5.0.171), Desigo PXC22-E.D V5.10 (All versions < V5.10.69), Desigo PXC22-E.D V6.00 (All versions < V6.0.204), Desigo PXC22.1-E.D V4.10 (All versions < V4.10.111), Desigo PXC22.1-E.D V5.00 (All versions < V5.0.171), Desigo PXC22.1-E.D V5.10 (All versions < V5.10.69), Desigo PXC22.1-E.D V6.00 (All versions < V6.0.204), Desigo PXC36.1-E.D V4.10 (All versions < V4.10.111), Desigo PXC36.1-E.D V5.00 (All versions < V5.0.171), Desigo PXC36.1-E.D V5.10 (All versions < V5.10.69), Desigo PXC36.1-E.D V6.00 (All versions < V6.0.204), Desigo PXC50-E.D V4.10 (All versions < V4.10.111), Desigo PXC50-E.D V5.00 (All versions < V5.0.171), Desigo PXC50-E.D V5.10 (All versions < V5.10.69), Desigo PXC50-E.D V6.00 (All versions < V6.0.204), Desigo PXM20-E V4.10 (All versions < V4.10.111), Desigo PXM20-E V5.00 (All versions < V5.0.171), Desigo PXM20-E V5.10 (All versions < V5.10.69), Desigo PXM20-E V6.00 (All versions < V6.0.204). A remote attacker with network access to the device could potentially upload a new firmware image to the devices without prior authentication."},{"lang":"es","value":"Se ha identificado una vulnerabilidad en los productos Desigo Automation Controllers y en Desigo Operator Unit PXM20-E. Un atacante remoto con acceso de red al dispositivo podría, potencialmente, subir una imagen de firmware nueva a los dispositivos sin autenticarse previamente"}],"metrics":{"cvssMetricV31":[{"source":"productcert@siemens.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"productcert@siemens.com","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:pxc12\\/22\\/36-e.d_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"6.00.204","matchCriteriaId":"EB3EFB45-2BDA-49B2-A57A-1658F6647071"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:pxc12\\/22\\/36-e.d:-:*:*:*:*:*:*:*","matchCriteriaId":"98A94188-DA44-4589-84E6-21EA3173FC04"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:pxc00\\/50\\/100\\/200-e.d_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"6.00.204","matchCriteriaId":"33E97D28-8773-4527-BD8A-DBDB8C07C656"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:pxc00\\/50\\/100\\/200-e.d:-:*:*:*:*:*:*:*","matchCriteriaId":"F2E585BE-B703-4F72-998C-70E9B727C8AA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:pxc00\\/64\\/128-u_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"6.00.204","matchCriteriaId":"B141DA74-1797-4428-91BC-A2035F0D3801"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:pxc00\\/64\\/128-u:-:*:*:*:*:*:*:*","matchCriteriaId":"EA44E3BB-C70B-4F42-9E48-54F382CB8D07"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:pxc001-e.d_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"6.00.204","matchCriteriaId":"869EBBBF-36C8-49D0-9E1C-0A7D3C47AB1B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:pxc001-e.d:-:*:*:*:*:*:*:*","matchCriteriaId":"806D022B-0EDF-427C-B032-302C3D8A05C9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:pxm20-e_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"6.00.204","matchCriteriaId":"5546BF4E-86B8-47A1-9418-8CF80EA56B96"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:pxm20-e:-:*:*:*:*:*:*:*","matchCriteriaId":"2EF412E3-E0C0-485F-9266-626AFBEB7048"}]}]}],"references":[{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-824231.pdf","source":"productcert@siemens.com"},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-824231.pdf","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}