Siemens TeleControl Server Basic
Plan: Patch
Score: 8.8
Source: ICS-CERT ICSA-18-030-02
Published: Jan 30, 2018
Attack Vector: Network
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary
TeleControl Server Basic versions prior to 3.1 contain multiple authentication and authorization bypass vulnerabilities (CWE-288, CWE-284, CWE-400). An authenticated user with basic credentials can escalate privileges to access sensitive functions, modify the system configuration, or retrieve confidential data because permission checks are not properly enforced. These vulnerabilities are remotely exploitable over the network and require low skill to exploit.
What this means
What could happen
An authenticated attacker on your network could gain high-level access to TeleControl Server Basic, allowing them to read sensitive configuration data, modify system settings, or disrupt remote SCADA communications.
Who's at risk
Water and electric utility operators using Siemens TeleControl Server Basic for remote SCADA communications and monitoring should prioritize this update. This affects remote control and supervisory systems that rely on this server for configuration and data access.
How it could be exploited
An attacker with valid credentials on your network could send specially crafted requests to the TeleControl Server Basic service to bypass authentication checks or permission controls. This would allow them to access restricted functionality without proper authorization.
Prerequisites
- Network access to the TeleControl Server Basic service
- Valid user credentials (non-administrative) to authenticate to the system
Key characteristics:
- remotely exploitable
- authentication required (but only low-privileged credentials)
- low attack complexity
- high-severity impact to confidentiality and integrity
Exploitability
Moderate exploit probability (EPSS 1.5%)
Affected products (1)
Product                  | Affected Versions | Fix Status
TeleControl Server Basic | < 3.1             | Fixed in 3.1
Remediation & Mitigation
Schedule — requires maintenance window
- Patching may require a device reboot; plan for process interruption
- HOTFIX: Upgrade TeleControl Server Basic to version 3.1 or later
Long-term hardening
- HARDENING: Review and restrict network access to TeleControl Server Basic to only authorized engineering and operations workstations
API:
/api/v1/advisories/fe401cff-aa91-4f02-af12-43bb6eb86a0a