CVE-2018-11452
CVE-2018-11452 is a high-severity vulnerability in Siemens Dnp3 Tcp Firmware with a CVSS 3.x base score of 7.5. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-20.
Key facts
- Severity: High (CVSS 3.x base score 7.5)
- CVSS v2: 7.8
- EPSS exploit prediction: 2% (82nd percentile)
- Actively exploited: Not listed in CISA KEV
- Weakness: CWE-20
- Affected product: Siemens Dnp3 Tcp Firmware
- Published:
- Last modified:
Description
A vulnerability has been identified in Firmware variant IEC 61850 for EN100 Ethernet module (All versions < V4.33), Firmware variant PROFINET IO for EN100 Ethernet module (All versions), Firmware variant Modbus TCP for EN100 Ethernet module (All versions), Firmware variant DNP3 TCP for EN100 Ethernet module (All versions), Firmware variant IEC104 for EN100 Ethernet module (All versions < V1.22). Specially crafted packets to port 102/tcp could cause a denial-of-service condition in the EN100 communication module if oscillographs are running. A manual restart is required to recover the EN100 module functionality. Successful exploitation requires an attacker with network access to send multiple packets to the EN100 module. As a precondition the IEC 61850-MMS communication needs to be activated on the affected EN100 modules. No user interaction or privileges are required to exploit the security vulnerability. The vulnerability could allow causing a Denial-of-Service condition of the network functionality of the device, compromising the availability of the system. At the time of advisory publication no public exploitation of this security vulnerability was known.
Frequently asked questions
- What is CVE-2018-11452?
- A vulnerability has been identified in Firmware variant IEC 61850 for EN100 Ethernet module (All versions < V4.33), Firmware variant PROFINET IO for EN100 Ethernet module (All versions), Firmware variant Modbus TCP for EN100 Ethernet module (All versions), Firmware variant DNP3 TCP for EN100 Ethernet module (All versions), Firmware variant IEC104 for EN100 Ethernet module (All versions < V1.22). Specially crafted packets to port 102/tcp could cause a denial-of-service condition in the EN100 communication module if oscillographs are running. A manual restart is required to recover the EN100 module functionality. Successful exploitation requires an attacker with network access to send multiple packets to the EN100 module. As a precondition the IEC 61850-MMS communication needs to be activated on the affected EN100 modules. No user interaction or privileges are required to exploit the security vulnerability. The vulnerability could allow causing a Denial-of-Service condition of the network functionality of the device, compromising the availability of the system. At the time of advisory publication no public exploitation of this security vulnerability was known.
- How severe is CVE-2018-11452?
- CVE-2018-11452 has a CVSS 3.x base score of 7.5, rated high severity. It is exploitable over network with low attack complexity, requires no privileges and no user interaction. Impact on confidentiality is none, integrity none, and availability high.
- Is CVE-2018-11452 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 2% (82nd percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2018-11452?
- CVE-2018-11452 primarily affects Siemens Dnp3 Tcp Firmware. In total, 8 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2018-11452?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its high severity, prioritise patching exposed systems.
- When was CVE-2018-11452 published?
- CVE-2018-11452 was published on 2018-07-23 and last updated on 2026-06-17.
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-325546.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-635129.pdf
- https://www.securityfocus.com/bid/106221
Affected products (8)
- cpe:2.3:o:siemens:dnp3_tcp_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:iec_61850_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:iec104_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:modbus_tcp_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:profinet_io_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:cp100_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:cp200_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:cp300_firmware:*:*:*:*:*:*:*:*
More vulnerabilities in Siemens Dnp3 Tcp Firmware
- CVE-2018-11451 — High (CVSS 7.5): A vulnerability has been identified in Firmware variant IEC 61850 for EN100 Ethernet module (All versions < V4.33),…
All CVEs affecting Siemens Dnp3 Tcp Firmware →
Other CWE-20 (Improper Input Validation) vulnerabilities
- CVE-2026-48316 — Critical (CVSS 10.0): ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability that could…
- CVE-2026-48281 — Critical (CVSS 10.0): ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability that could…
- CVE-2026-48277 — Critical (CVSS 10.0): ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability that could…
- CVE-2026-48055 — Critical (CVSS 10.0): Streambert is a cross-platform Electron Desktop App to stream and download any video media. In versions 2.4.0 and…
- CVE-2026-34910 — Critical (CVSS 10.0): A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS…
- CVE-2026-33587 — Critical (CVSS 10.0): Lack of user input sanitisation in Open Notebook v1.8.3 allows the application user to execute Python code (and…
Browse all CWE-20 (Improper Input Validation) vulnerabilities →