Detections
Analytics
Siemens SIMATIC Spectre-NG Variants 3a and 4 (CVE-2018-3639)
medium Tenable OT Security Plugin ID 500248
Synopsis
The remote OT asset is affected by a vulnerability.Description
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
Refer to the vendor advisory.See Also
https://www.us-cert.gov/ncas/alerts/TA18-141A
http://www.nessus.org/u?c2acd2ee
https://www.synology.com/support/security/Synology_SA_18_23
https://www.kb.cert.org/vuls/id/180049
https://usn.ubuntu.com/3655-2/
https://usn.ubuntu.com/3654-2/
https://usn.ubuntu.com/3654-1/
https://usn.ubuntu.com/3653-2/
https://usn.ubuntu.com/3653-1/
https://usn.ubuntu.com/3652-1/
https://usn.ubuntu.com/3651-1/
http://www.nessus.org/u?fc974ba6
https://support.citrix.com/article/CTX235225
https://security.netapp.com/advisory/ntap-20180521-0001/
http://www.nessus.org/u?36d8913e
http://www.nessus.org/u?c89c164f
https://bugs.chromium.org/p/project-zero/issues/detail?id=1528
https://access.redhat.com/errata/RHSA-2018:1660
https://access.redhat.com/errata/RHSA-2018:1655
https://access.redhat.com/errata/RHSA-2018:1647
https://access.redhat.com/errata/RHSA-2018:1630
http://xenbits.xen.org/xsa/advisory-263.html
http://www.securitytracker.com/id/1040949
http://support.lenovo.com/us/en/solutions/LEN-22133
https://access.redhat.com/errata/RHSA-2018:1690
https://access.redhat.com/errata/RHSA-2018:1689
https://access.redhat.com/errata/RHSA-2018:1688
https://access.redhat.com/errata/RHSA-2018:1686
https://access.redhat.com/errata/RHSA-2018:1676
https://access.redhat.com/errata/RHSA-2018:1675
https://access.redhat.com/errata/RHSA-2018:1674
https://access.redhat.com/errata/RHSA-2018:1669
https://access.redhat.com/errata/RHSA-2018:1668
https://access.redhat.com/errata/RHSA-2018:1667
https://access.redhat.com/errata/RHSA-2018:1666
https://access.redhat.com/errata/RHSA-2018:1665
https://access.redhat.com/errata/RHSA-2018:1664
https://access.redhat.com/errata/RHSA-2018:1663
https://access.redhat.com/errata/RHSA-2018:1662
https://access.redhat.com/errata/RHSA-2018:1661
https://access.redhat.com/errata/RHSA-2018:1659
https://access.redhat.com/errata/RHSA-2018:1658
https://access.redhat.com/errata/RHSA-2018:1657
https://access.redhat.com/errata/RHSA-2018:1656
https://access.redhat.com/errata/RHSA-2018:1654
https://access.redhat.com/errata/RHSA-2018:1653
https://access.redhat.com/errata/RHSA-2018:1652
https://access.redhat.com/errata/RHSA-2018:1651
https://access.redhat.com/errata/RHSA-2018:1650
https://access.redhat.com/errata/RHSA-2018:1649
https://access.redhat.com/errata/RHSA-2018:1648
https://access.redhat.com/errata/RHSA-2018:1646
https://access.redhat.com/errata/RHSA-2018:1645
https://access.redhat.com/errata/RHSA-2018:1644
https://access.redhat.com/errata/RHSA-2018:1643
https://access.redhat.com/errata/RHSA-2018:1642
https://access.redhat.com/errata/RHSA-2018:1636
https://access.redhat.com/errata/RHSA-2018:1635
https://access.redhat.com/errata/RHSA-2018:1633
https://access.redhat.com/errata/RHSA-2018:1632
https://access.redhat.com/errata/RHSA-2018:1629
http://www.securityfocus.com/bid/104232
https://www.exploit-db.com/exploits/44695/
https://access.redhat.com/errata/RHSA-2018:1711
https://access.redhat.com/errata/RHSA-2018:1710
https://access.redhat.com/errata/RHSA-2018:1696
https://www.debian.org/security/2018/dsa-4210
https://access.redhat.com/errata/RHSA-2018:3424
https://access.redhat.com/errata/RHSA-2018:3423
https://access.redhat.com/errata/RHSA-2018:3407
https://access.redhat.com/errata/RHSA-2018:3402
https://access.redhat.com/errata/RHSA-2018:3401
https://access.redhat.com/errata/RHSA-2018:3400
https://access.redhat.com/errata/RHSA-2018:3399
https://access.redhat.com/errata/RHSA-2018:3398
https://access.redhat.com/errata/RHSA-2018:3397
https://access.redhat.com/errata/RHSA-2018:3396
https://access.redhat.com/errata/RHSA-2018:2948
http://www.securitytracker.com/id/1042004
http://www.nessus.org/u?148b2157
http://www.nessus.org/u?799b2d05
https://access.redhat.com/errata/RHSA-2019:0148
https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf
https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html
https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html
https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html
https://nvidia.custhelp.com/app/answers/detail/a_id/4787
http://www.nessus.org/u?c34fd747
https://access.redhat.com/errata/RHSA-2019:1046
http://www.nessus.org/u?9073d091
http://www.nessus.org/u?ccb7a56c
https://seclists.org/bugtraq/2019/Jun/36
https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf
http://www.openwall.com/lists/oss-security/2020/06/10/1
http://www.openwall.com/lists/oss-security/2020/06/10/2
http://www.openwall.com/lists/oss-security/2020/06/10/5
https://www.oracle.com/security-alerts/cpujul2020.html
http://www.nessus.org/u?d5299d44
https://usn.ubuntu.com/3655-1/
https://access.redhat.com/errata/RHSA-2018:1738
https://access.redhat.com/errata/RHSA-2018:1737
https://access.redhat.com/errata/RHSA-2018:1641
https://access.redhat.com/errata/RHSA-2018:1640
https://access.redhat.com/errata/RHSA-2018:1639
https://access.redhat.com/errata/RHSA-2018:1638
https://access.redhat.com/errata/RHSA-2018:1637
http://www.nessus.org/u?ab57ba47
https://usn.ubuntu.com/3680-1/
https://usn.ubuntu.com/3679-1/
http://www.nessus.org/u?abd55666
https://access.redhat.com/errata/RHSA-2018:1826
https://access.redhat.com/errata/RHSA-2018:1854
https://access.redhat.com/errata/RHSA-2018:2006
https://access.redhat.com/errata/RHSA-2018:2003
https://access.redhat.com/errata/RHSA-2018:2001
https://access.redhat.com/errata/RHSA-2018:1997
https://access.redhat.com/errata/RHSA-2018:1967
https://access.redhat.com/errata/RHSA-2018:1965
https://access.redhat.com/errata/RHSA-2018:2060
https://access.redhat.com/errata/RHSA-2018:2164
https://access.redhat.com/errata/RHSA-2018:2162
https://access.redhat.com/errata/RHSA-2018:2161
https://access.redhat.com/errata/RHSA-2018:2172
https://access.redhat.com/errata/RHSA-2018:2171
https://access.redhat.com/errata/RHSA-2018:2216
https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html
https://access.redhat.com/errata/RHSA-2018:2228
https://access.redhat.com/errata/RHSA-2018:2250
https://access.redhat.com/errata/RHSA-2018:2246
https://access.redhat.com/errata/RHSA-2018:2258
https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html
https://access.redhat.com/errata/RHSA-2018:2289
https://access.redhat.com/errata/RHSA-2018:2328
https://access.redhat.com/errata/RHSA-2018:2309
https://access.redhat.com/errata/RHSA-2018:2364
https://access.redhat.com/errata/RHSA-2018:2363
https://access.redhat.com/errata/RHSA-2018:2396
https://access.redhat.com/errata/RHSA-2018:2394
https://access.redhat.com/errata/RHSA-2018:2387
https://www.debian.org/security/2018/dsa-4273
https://usn.ubuntu.com/3756-1/
https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf
https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004
https://usn.ubuntu.com/3777-3/
Plugin Details
Severity: Medium
ID: 500248
Version: 1.5
Type: remote
Family: Tenable.ot
Published: 2/7/2022
Updated: 4/22/2024
Supported Sensors: Tenable OT Security
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: Low
Base Score: 2.1
Temporal Score: 1.6
Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N
CVSS Score Source: CVE-2018-3639
CVSS v3
Risk Factor: Medium
Base Score: 5.5
Temporal Score: 5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:siemens:simatic_et_200_sp_firmware, cpe:/o:siemens:simatic_s7-1500_firmware
Required KB Items: Tenable.ot/Siemens
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 5/22/2018
Vulnerability Publication Date: 5/22/2018
Reference Information
CVE: CVE-2018-3639
CWE: 203
CERT: TA18-141A
DSA: DSA-4210, DSA-4273
RHSA: RHSA-2018:1629, RHSA-2018:1630, RHSA-2018:1632, RHSA-2018:1633, RHSA-2018:1635, RHSA-2018:1636, RHSA-2018:1637, RHSA-2018:1638, RHSA-2018:1639, RHSA-2018:1640, RHSA-2018:1641, RHSA-2018:1642, RHSA-2018:1643, RHSA-2018:1644, RHSA-2018:1645, RHSA-2018:1646, RHSA-2018:1647, RHSA-2018:1648, RHSA-2018:1649, RHSA-2018:1650, RHSA-2018:1651, RHSA-2018:1652, RHSA-2018:1653, RHSA-2018:1654, RHSA-2018:1655, RHSA-2018:1656, RHSA-2018:1657, RHSA-2018:1658, RHSA-2018:1659, RHSA-2018:1660, RHSA-2018:1661, RHSA-2018:1662, RHSA-2018:1663, RHSA-2018:1664, RHSA-2018:1665, RHSA-2018:1666, RHSA-2018:1667, RHSA-2018:1668, RHSA-2018:1669, RHSA-2018:1674, RHSA-2018:1675, RHSA-2018:1676, RHSA-2018:1686, RHSA-2018:1688, RHSA-2018:1689, RHSA-2018:1690, RHSA-2018:1696, RHSA-2018:1710, RHSA-2018:1711, RHSA-2018:1737, RHSA-2018:1738, RHSA-2018:1826, RHSA-2018:1854, RHSA-2018:1965, RHSA-2018:1967, RHSA-2018:1997, RHSA-2018:2001, RHSA-2018:2003, RHSA-2018:2006, RHSA-2018:2060, RHSA-2018:2161, RHSA-2018:2162, RHSA-2018:2164, RHSA-2018:2171, RHSA-2018:2172, RHSA-2018:2216, RHSA-2018:2228, RHSA-2018:2246, RHSA-2018:2250, RHSA-2018:2258, RHSA-2018:2289, RHSA-2018:2309, RHSA-2018:2328, RHSA-2018:2363, RHSA-2018:2364, RHSA-2018:2387, RHSA-2018:2394, RHSA-2018:2396, RHSA-2018:2948, RHSA-2018:3396, RHSA-2018:3397, RHSA-2018:3398, RHSA-2018:3399, RHSA-2018:3400, RHSA-2018:3401, RHSA-2018:3402, RHSA-2018:3407, RHSA-2018:3423, RHSA-2018:3424, RHSA-2018:3425, RHSA-2019:0148, RHSA-2019:1046
SuSE: openSUSE-SU-2019:1438, openSUSE-SU-2019:1439, openSUSE-SU-2020:1325
USN: USN-3651-1, USN-3652-1, USN-3653-1, USN-3653-2, USN-3654-1, USN-3654-2, USN-3655-1, USN-3655-2, USN-3679-1, USN-3680-1, USN-3756-1, USN-3777-3