https://www.us-cert.gov/ncas/alerts/TA18-141A
http://www.nessus.org/u?c2acd2ee
https://www.synology.com/support/security/Synology_SA_18_23
https://www.kb.cert.org/vuls/id/180049
https://usn.ubuntu.com/3655-2/
https://usn.ubuntu.com/3654-2/
https://usn.ubuntu.com/3654-1/
https://usn.ubuntu.com/3653-2/
https://usn.ubuntu.com/3653-1/
https://usn.ubuntu.com/3652-1/
https://usn.ubuntu.com/3651-1/
http://www.nessus.org/u?fc974ba6
https://support.citrix.com/article/CTX235225
https://security.netapp.com/advisory/ntap-20180521-0001/
http://www.nessus.org/u?36d8913e
http://www.nessus.org/u?c89c164f
https://bugs.chromium.org/p/project-zero/issues/detail?id=1528
https://access.redhat.com/errata/RHSA-2018:1660
https://access.redhat.com/errata/RHSA-2018:1655
https://access.redhat.com/errata/RHSA-2018:1647
https://access.redhat.com/errata/RHSA-2018:1630
http://xenbits.xen.org/xsa/advisory-263.html
http://www.securitytracker.com/id/1040949
http://support.lenovo.com/us/en/solutions/LEN-22133
https://access.redhat.com/errata/RHSA-2018:1690
https://access.redhat.com/errata/RHSA-2018:1689
https://access.redhat.com/errata/RHSA-2018:1688
https://access.redhat.com/errata/RHSA-2018:1686
https://access.redhat.com/errata/RHSA-2018:1676
https://access.redhat.com/errata/RHSA-2018:1675
https://access.redhat.com/errata/RHSA-2018:1674
https://access.redhat.com/errata/RHSA-2018:1669
https://access.redhat.com/errata/RHSA-2018:1668
https://access.redhat.com/errata/RHSA-2018:1667
https://access.redhat.com/errata/RHSA-2018:1666
https://access.redhat.com/errata/RHSA-2018:1665
https://access.redhat.com/errata/RHSA-2018:1664
https://access.redhat.com/errata/RHSA-2018:1663
https://access.redhat.com/errata/RHSA-2018:1662
https://access.redhat.com/errata/RHSA-2018:1661
https://access.redhat.com/errata/RHSA-2018:1659
https://access.redhat.com/errata/RHSA-2018:1658
https://access.redhat.com/errata/RHSA-2018:1657
https://access.redhat.com/errata/RHSA-2018:1656
https://access.redhat.com/errata/RHSA-2018:1654
https://access.redhat.com/errata/RHSA-2018:1653
https://access.redhat.com/errata/RHSA-2018:1652
https://access.redhat.com/errata/RHSA-2018:1651
https://access.redhat.com/errata/RHSA-2018:1650
https://access.redhat.com/errata/RHSA-2018:1649
https://access.redhat.com/errata/RHSA-2018:1648
https://access.redhat.com/errata/RHSA-2018:1646
https://access.redhat.com/errata/RHSA-2018:1645
https://access.redhat.com/errata/RHSA-2018:1644
https://access.redhat.com/errata/RHSA-2018:1643
https://access.redhat.com/errata/RHSA-2018:1642
https://access.redhat.com/errata/RHSA-2018:1636
https://access.redhat.com/errata/RHSA-2018:1635
https://access.redhat.com/errata/RHSA-2018:1633
https://access.redhat.com/errata/RHSA-2018:1632
https://access.redhat.com/errata/RHSA-2018:1629
http://www.securityfocus.com/bid/104232
https://www.exploit-db.com/exploits/44695/
https://access.redhat.com/errata/RHSA-2018:1711
https://access.redhat.com/errata/RHSA-2018:1710
https://access.redhat.com/errata/RHSA-2018:1696
https://www.debian.org/security/2018/dsa-4210
https://usn.ubuntu.com/3655-1/
https://access.redhat.com/errata/RHSA-2018:1738
https://access.redhat.com/errata/RHSA-2018:1737
https://access.redhat.com/errata/RHSA-2018:1641
https://access.redhat.com/errata/RHSA-2018:1640
https://access.redhat.com/errata/RHSA-2018:1639
https://access.redhat.com/errata/RHSA-2018:1638
https://access.redhat.com/errata/RHSA-2018:1637
http://www.nessus.org/u?ab57ba47
https://usn.ubuntu.com/3680-1/
https://usn.ubuntu.com/3679-1/
http://www.nessus.org/u?abd55666
https://access.redhat.com/errata/RHSA-2018:1826
https://access.redhat.com/errata/RHSA-2018:1854
https://access.redhat.com/errata/RHSA-2018:2006
https://access.redhat.com/errata/RHSA-2018:2003
https://access.redhat.com/errata/RHSA-2018:2001
https://access.redhat.com/errata/RHSA-2018:1997
https://access.redhat.com/errata/RHSA-2018:1967
https://access.redhat.com/errata/RHSA-2018:1965
https://access.redhat.com/errata/RHSA-2018:2060
https://access.redhat.com/errata/RHSA-2018:2164
https://access.redhat.com/errata/RHSA-2018:2162
https://access.redhat.com/errata/RHSA-2018:2161
https://access.redhat.com/errata/RHSA-2018:2172
https://access.redhat.com/errata/RHSA-2018:2171
https://access.redhat.com/errata/RHSA-2018:2216
https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html
https://access.redhat.com/errata/RHSA-2018:2228
https://access.redhat.com/errata/RHSA-2018:2250
https://access.redhat.com/errata/RHSA-2018:2246
https://access.redhat.com/errata/RHSA-2018:2258
https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html
https://access.redhat.com/errata/RHSA-2018:2289
https://access.redhat.com/errata/RHSA-2018:2328
https://access.redhat.com/errata/RHSA-2018:2309
https://access.redhat.com/errata/RHSA-2018:2364
https://access.redhat.com/errata/RHSA-2018:2363
https://access.redhat.com/errata/RHSA-2018:2396
https://access.redhat.com/errata/RHSA-2018:2394
https://access.redhat.com/errata/RHSA-2018:2387
https://www.debian.org/security/2018/dsa-4273
https://usn.ubuntu.com/3756-1/
https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf
https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004
https://usn.ubuntu.com/3777-3/
http://www.nessus.org/u?23319717
https://access.redhat.com/errata/RHSA-2018:3425
https://access.redhat.com/errata/RHSA-2018:3424
https://access.redhat.com/errata/RHSA-2018:3423
https://access.redhat.com/errata/RHSA-2018:3407
https://access.redhat.com/errata/RHSA-2018:3402
https://access.redhat.com/errata/RHSA-2018:3401
https://access.redhat.com/errata/RHSA-2018:3400
https://access.redhat.com/errata/RHSA-2018:3399
https://access.redhat.com/errata/RHSA-2018:3398
https://access.redhat.com/errata/RHSA-2018:3397
https://access.redhat.com/errata/RHSA-2018:3396
https://access.redhat.com/errata/RHSA-2018:2948
http://www.securitytracker.com/id/1042004
http://www.nessus.org/u?148b2157
http://www.nessus.org/u?799b2d05
https://access.redhat.com/errata/RHSA-2019:0148
https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf
https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html
https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html
https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html
https://nvidia.custhelp.com/app/answers/detail/a_id/4787
http://www.nessus.org/u?c34fd747
https://access.redhat.com/errata/RHSA-2019:1046
http://www.nessus.org/u?9073d091
http://www.nessus.org/u?ccb7a56c
https://seclists.org/bugtraq/2019/Jun/36
https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf
http://www.openwall.com/lists/oss-security/2020/06/10/1
http://www.openwall.com/lists/oss-security/2020/06/10/2
http://www.openwall.com/lists/oss-security/2020/06/10/5
Severity: Medium
ID: 500248
Version: 1.6
Type: remote
Family: Tenable.ot
Published: 2/7/2022
Updated: 12/4/2024
Supported Sensors: Tenable OT Security
Risk Factor: Medium
Score: 6.7
Risk Factor: Low
Base Score: 2.1
Temporal Score: 1.6
Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N
CVSS Score Source: CVE-2018-3639
Risk Factor: Medium
Base Score: 5.5
Temporal Score: 5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
CPE: cpe:/o:siemens:simatic_s7-1500_firmware, cpe:/o:siemens:simatic_et_200_sp_firmware
Required KB Items: Tenable.ot/Siemens
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 5/22/2018
Vulnerability Publication Date: 5/22/2018
CVE: CVE-2018-3639
CWE: 203
CERT: TA18-141A
DSA: DSA-4210, DSA-4273
RHSA: RHSA-2018:1629, RHSA-2018:1630, RHSA-2018:1632, RHSA-2018:1633, RHSA-2018:1635, RHSA-2018:1636, RHSA-2018:1637, RHSA-2018:1638, RHSA-2018:1639, RHSA-2018:1640, RHSA-2018:1641, RHSA-2018:1642, RHSA-2018:1643, RHSA-2018:1644, RHSA-2018:1645, RHSA-2018:1646, RHSA-2018:1647, RHSA-2018:1648, RHSA-2018:1649, RHSA-2018:1650, RHSA-2018:1651, RHSA-2018:1652, RHSA-2018:1653, RHSA-2018:1654, RHSA-2018:1655, RHSA-2018:1656, RHSA-2018:1657, RHSA-2018:1658, RHSA-2018:1659, RHSA-2018:1660, RHSA-2018:1661, RHSA-2018:1662, RHSA-2018:1663, RHSA-2018:1664, RHSA-2018:1665, RHSA-2018:1666, RHSA-2018:1667, RHSA-2018:1668, RHSA-2018:1669, RHSA-2018:1674, RHSA-2018:1675, RHSA-2018:1676, RHSA-2018:1686, RHSA-2018:1688, RHSA-2018:1689, RHSA-2018:1690, RHSA-2018:1696, RHSA-2018:1710, RHSA-2018:1711, RHSA-2018:1737, RHSA-2018:1738, RHSA-2018:1826, RHSA-2018:1854, RHSA-2018:1965, RHSA-2018:1967, RHSA-2018:1997, RHSA-2018:2001, RHSA-2018:2003, RHSA-2018:2006, RHSA-2018:2060, RHSA-2018:2161, RHSA-2018:2162, RHSA-2018:2164, RHSA-2018:2171, RHSA-2018:2172, RHSA-2018:2216, RHSA-2018:2228, RHSA-2018:2246, RHSA-2018:2250, RHSA-2018:2258, RHSA-2018:2289, RHSA-2018:2309, RHSA-2018:2328, RHSA-2018:2363, RHSA-2018:2364, RHSA-2018:2387, RHSA-2018:2394, RHSA-2018:2396, RHSA-2018:2948, RHSA-2018:3396, RHSA-2018:3397, RHSA-2018:3398, RHSA-2018:3399, RHSA-2018:3400, RHSA-2018:3401, RHSA-2018:3402, RHSA-2018:3407, RHSA-2018:3423, RHSA-2018:3424, RHSA-2018:3425, RHSA-2019:0148, RHSA-2019:1046
SuSE: openSUSE-SU-2019:1438, openSUSE-SU-2019:1439, openSUSE-SU-2020:1325
USN: USN-3651-1, USN-3652-1, USN-3653-1, USN-3653-2, USN-3654-1, USN-3654-2, USN-3655-1, USN-3655-2, USN-3679-1, USN-3680-1, USN-3756-1, USN-3777-3