Search criteria
10 vulnerabilities found for PI Studio HMI by WECON
VAR-201810-0397
Vulnerability from variot - Updated: 2023-12-18 13:08WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior have a stack-based buffer overflow vulnerability which may allow remote code execution. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wecon PIStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of hsc files. When parsing the TextContent element, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of an administrator. Wecon PI Studio HMI and PI Studio are human interface programming software from Wecon Technologies. Failed exploit attempts will likely cause denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201810-0397",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "pi studio hmi",
"scope": "lte",
"trust": 1.0,
"vendor": "we con",
"version": "4.1.9"
},
{
"model": "pi studio",
"scope": "lte",
"trust": 1.0,
"vendor": "we con",
"version": "4.2.34"
},
{
"model": "pi studio",
"scope": "lte",
"trust": 0.8,
"vendor": "wecon",
"version": "4.2.34"
},
{
"model": "pi studio hmi",
"scope": "lte",
"trust": 0.8,
"vendor": "wecon",
"version": "4.1.9"
},
{
"model": "pistudio",
"scope": null,
"trust": 0.7,
"vendor": "wecon",
"version": null
},
{
"model": "pi studio hmi",
"scope": "lte",
"trust": 0.6,
"vendor": "wecon",
"version": "\u003c=4.1.9"
},
{
"model": "pi studio",
"scope": "lte",
"trust": 0.6,
"vendor": "wecon",
"version": "\u003c=4.2.34"
},
{
"model": "pi studio hmi",
"scope": "eq",
"trust": 0.6,
"vendor": "we con",
"version": "4.1.9"
},
{
"model": "pi studio",
"scope": "eq",
"trust": 0.6,
"vendor": "we con",
"version": "4.2.34"
},
{
"model": "pi studio hmi project programmer",
"scope": "eq",
"trust": 0.3,
"vendor": "wecon",
"version": "4.1.9"
},
{
"model": "pi studio",
"scope": "eq",
"trust": 0.3,
"vendor": "wecon",
"version": "4.2.34"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pi studio",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pi studio hmi",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2fdb75f-39ab-11e9-83cb-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-1109"
},
{
"db": "CNVD",
"id": "CNVD-2018-21172"
},
{
"db": "BID",
"id": "105710"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010755"
},
{
"db": "NVD",
"id": "CVE-2018-14818"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-244"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:we-con:pi_studio:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.2.34",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:we-con:pi_studio_hmi:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.1.9",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-14818"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Natnael Samson(Natti)",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-1109"
}
],
"trust": 0.7
},
"cve": "CVE-2018-14818",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-14818",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2018-14818",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-21172",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "e2fdb75f-39ab-11e9-83cb-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-14818",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-14818",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "ZDI",
"id": "CVE-2018-14818",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-21172",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201810-244",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "e2fdb75f-39ab-11e9-83cb-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2fdb75f-39ab-11e9-83cb-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-1109"
},
{
"db": "CNVD",
"id": "CNVD-2018-21172"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010755"
},
{
"db": "NVD",
"id": "CVE-2018-14818"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-244"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior have a stack-based buffer overflow vulnerability which may allow remote code execution. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wecon PIStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of hsc files. When parsing the TextContent element, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of an administrator. Wecon PI Studio HMI and PI Studio are human interface programming software from Wecon Technologies. Failed exploit attempts will likely cause denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-14818"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010755"
},
{
"db": "ZDI",
"id": "ZDI-18-1109"
},
{
"db": "CNVD",
"id": "CNVD-2018-21172"
},
{
"db": "BID",
"id": "105710"
},
{
"db": "IVD",
"id": "e2fdb75f-39ab-11e9-83cb-000c29342cb1"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-14818",
"trust": 4.2
},
{
"db": "ICS CERT",
"id": "ICSA-18-277-01",
"trust": 3.3
},
{
"db": "CNVD",
"id": "CNVD-2018-21172",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201810-244",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010755",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-6253",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-1109",
"trust": 0.7
},
{
"db": "BID",
"id": "105710",
"trust": 0.3
},
{
"db": "IVD",
"id": "E2FDB75F-39AB-11E9-83CB-000C29342CB1",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e2fdb75f-39ab-11e9-83cb-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-1109"
},
{
"db": "CNVD",
"id": "CNVD-2018-21172"
},
{
"db": "BID",
"id": "105710"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010755"
},
{
"db": "NVD",
"id": "CVE-2018-14818"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-244"
}
]
},
"id": "VAR-201810-0397",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2fdb75f-39ab-11e9-83cb-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-21172"
}
],
"trust": 1.40006225
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2fdb75f-39ab-11e9-83cb-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-21172"
}
]
},
"last_update_date": "2023-12-18T13:08:16.951000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.we-con.com.cn/en/index.aspx"
},
{
"title": "Wecon has issued an update to correct this vulnerability. This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 120 day deadline.05/18/18 - ZDI sent the report to ICS-CERT05/22/18 - ICS-CERT acknowledged, confirmed the report was sent to the vendor and sent an ICS-VU #09/17/18 - ZDI asked ICS-CERT to confirm the report remains unpatched and to advise the vendor of the intent to publish the report as 0-day on 10/02/18-- Mitigation:Given the nature of the vulnerability the only salient mitigation strategy is to restrict interaction with the application to trusted files.",
"trust": 0.7,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-18-277-01"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-1109"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010755"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010755"
},
{
"db": "NVD",
"id": "CVE-2018-14818"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-277-01"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-14818"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14818"
},
{
"trust": 0.7,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-18-277-01"
},
{
"trust": 0.3,
"url": "http://www.we-con.com.cn/en/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-1109"
},
{
"db": "CNVD",
"id": "CNVD-2018-21172"
},
{
"db": "BID",
"id": "105710"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010755"
},
{
"db": "NVD",
"id": "CVE-2018-14818"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-244"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2fdb75f-39ab-11e9-83cb-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-1109"
},
{
"db": "CNVD",
"id": "CNVD-2018-21172"
},
{
"db": "BID",
"id": "105710"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010755"
},
{
"db": "NVD",
"id": "CVE-2018-14818"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-244"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-18T00:00:00",
"db": "IVD",
"id": "e2fdb75f-39ab-11e9-83cb-000c29342cb1"
},
{
"date": "2018-10-02T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1109"
},
{
"date": "2018-10-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-21172"
},
{
"date": "2018-10-04T00:00:00",
"db": "BID",
"id": "105710"
},
{
"date": "2018-12-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010755"
},
{
"date": "2018-10-08T12:29:00.390000",
"db": "NVD",
"id": "CVE-2018-14818"
},
{
"date": "2018-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-244"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-02T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1109"
},
{
"date": "2018-10-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-21172"
},
{
"date": "2018-10-04T00:00:00",
"db": "BID",
"id": "105710"
},
{
"date": "2018-12-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010755"
},
{
"date": "2020-08-28T18:53:09.890000",
"db": "NVD",
"id": "CVE-2018-14818"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-244"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-244"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WECON Technology Co., Ltd. PI Studio HMI and PI Studio Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010755"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "e2fdb75f-39ab-11e9-83cb-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-244"
}
],
"trust": 0.8
}
}
VAR-201810-0394
Vulnerability from variot - Updated: 2023-12-18 13:08WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior parse files and pass invalidated user data to an unsafe method call, which may allow code to be executed in the context of an administrator. PI Studio HMI and PI Studio Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wecon PIStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of hsc files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code under the context of an administrator. Wecon PIStudio is an HMI software. Wecon PI Studio HMI and PI Studio are human interface programming software from Wecon Technologies. A buffer overflow vulnerability exists in Wecon PI Studio HMI 4.1.9 and earlier and PI Studio 4.2.34 and earlier. WECON PIStudio is prone to a remote code-execution vulnerability. Failed exploit attempts will likely cause denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201810-0394",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "pistudio",
"scope": null,
"trust": 3.4,
"vendor": "wecon",
"version": null
},
{
"model": "pi studio hmi",
"scope": "lte",
"trust": 1.0,
"vendor": "we con",
"version": "4.1.9"
},
{
"model": "pi studio",
"scope": "lte",
"trust": 1.0,
"vendor": "we con",
"version": "4.2.34"
},
{
"model": "pi studio",
"scope": "lte",
"trust": 0.8,
"vendor": "wecon",
"version": "4.2.34"
},
{
"model": "pi studio hmi",
"scope": "lte",
"trust": 0.8,
"vendor": "wecon",
"version": "4.1.9"
},
{
"model": "pi studio hmi",
"scope": "lte",
"trust": 0.6,
"vendor": "wecon",
"version": "\u003c=4.1.9"
},
{
"model": "pi studio",
"scope": "lte",
"trust": 0.6,
"vendor": "wecon",
"version": "\u003c=4.2.34"
},
{
"model": "pi studio hmi",
"scope": "eq",
"trust": 0.6,
"vendor": "we con",
"version": "4.1.9"
},
{
"model": "pi studio",
"scope": "eq",
"trust": 0.6,
"vendor": "we con",
"version": "4.2.34"
},
{
"model": "pi studio",
"scope": "eq",
"trust": 0.3,
"vendor": "wecon",
"version": "0"
},
{
"model": "pi studio hmi project programmer",
"scope": "eq",
"trust": 0.3,
"vendor": "wecon",
"version": "4.1.9"
},
{
"model": "pi studio",
"scope": "eq",
"trust": 0.3,
"vendor": "wecon",
"version": "4.2.34"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pi studio",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pi studio hmi",
"version": "*"
},
{
"model": "pistudio",
"scope": "eq",
"trust": 0.2,
"vendor": "wecon",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2fdde6e-39ab-11e9-ab9a-000c29342cb1"
},
{
"db": "IVD",
"id": "bc269758-613b-47a7-ba82-c07f15095edc"
},
{
"db": "ZDI",
"id": "ZDI-19-1032"
},
{
"db": "ZDI",
"id": "ZDI-19-450"
},
{
"db": "ZDI",
"id": "ZDI-19-449"
},
{
"db": "ZDI",
"id": "ZDI-18-1107"
},
{
"db": "CNVD",
"id": "CNVD-2019-42805"
},
{
"db": "CNVD",
"id": "CNVD-2018-21173"
},
{
"db": "BID",
"id": "108503"
},
{
"db": "BID",
"id": "105710"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010754"
},
{
"db": "NVD",
"id": "CVE-2018-14810"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-243"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:we-con:pi_studio:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.2.34",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:we-con:pi_studio_hmi:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.1.9",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-14810"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mat Powell of Trend Micro Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-1032"
},
{
"db": "ZDI",
"id": "ZDI-19-450"
},
{
"db": "ZDI",
"id": "ZDI-19-449"
}
],
"trust": 2.1
},
"cve": "CVE-2018-14810",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-14810",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2018-14810",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2019-42805",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-21173",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "e2fdde6e-39ab-11e9-ab9a-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "bc269758-613b-47a7-ba82-c07f15095edc",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2018-14810",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.4,
"userInteraction": "REQUIRED",
"vectorString": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-14810",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.5,
"id": "CVE-2018-14810",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2018-14810",
"trust": 2.8,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-14810",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2019-42805",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-21173",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201810-243",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "e2fdde6e-39ab-11e9-ab9a-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "IVD",
"id": "bc269758-613b-47a7-ba82-c07f15095edc",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2fdde6e-39ab-11e9-ab9a-000c29342cb1"
},
{
"db": "IVD",
"id": "bc269758-613b-47a7-ba82-c07f15095edc"
},
{
"db": "ZDI",
"id": "ZDI-19-1032"
},
{
"db": "ZDI",
"id": "ZDI-19-450"
},
{
"db": "ZDI",
"id": "ZDI-19-449"
},
{
"db": "ZDI",
"id": "ZDI-18-1107"
},
{
"db": "CNVD",
"id": "CNVD-2019-42805"
},
{
"db": "CNVD",
"id": "CNVD-2018-21173"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010754"
},
{
"db": "NVD",
"id": "CVE-2018-14810"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-243"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior parse files and pass invalidated user data to an unsafe method call, which may allow code to be executed in the context of an administrator. PI Studio HMI and PI Studio Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wecon PIStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of hsc files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code under the context of an administrator. Wecon PIStudio is an HMI software. Wecon PI Studio HMI and PI Studio are human interface programming software from Wecon Technologies. A buffer overflow vulnerability exists in Wecon PI Studio HMI 4.1.9 and earlier and PI Studio 4.2.34 and earlier. WECON PIStudio is prone to a remote code-execution vulnerability. Failed exploit attempts will likely cause denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-14810"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010754"
},
{
"db": "ZDI",
"id": "ZDI-19-1032"
},
{
"db": "ZDI",
"id": "ZDI-19-450"
},
{
"db": "ZDI",
"id": "ZDI-19-449"
},
{
"db": "ZDI",
"id": "ZDI-18-1107"
},
{
"db": "CNVD",
"id": "CNVD-2019-42805"
},
{
"db": "CNVD",
"id": "CNVD-2018-21173"
},
{
"db": "BID",
"id": "108503"
},
{
"db": "BID",
"id": "105710"
},
{
"db": "IVD",
"id": "e2fdde6e-39ab-11e9-ab9a-000c29342cb1"
},
{
"db": "IVD",
"id": "bc269758-613b-47a7-ba82-c07f15095edc"
}
],
"trust": 6.12
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-14810",
"trust": 6.3
},
{
"db": "ICS CERT",
"id": "ICSA-18-277-01",
"trust": 3.3
},
{
"db": "ZDI",
"id": "ZDI-19-450",
"trust": 1.6
},
{
"db": "ZDI",
"id": "ZDI-19-449",
"trust": 1.0
},
{
"db": "CNVD",
"id": "CNVD-2018-21173",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201810-243",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2019-42805",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010754",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-8927",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-19-1032",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-7641",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-7635",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-6244",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-1107",
"trust": 0.7
},
{
"db": "BID",
"id": "108503",
"trust": 0.3
},
{
"db": "BID",
"id": "105710",
"trust": 0.3
},
{
"db": "IVD",
"id": "E2FDDE6E-39AB-11E9-AB9A-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "BC269758-613B-47A7-BA82-C07F15095EDC",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e2fdde6e-39ab-11e9-ab9a-000c29342cb1"
},
{
"db": "IVD",
"id": "bc269758-613b-47a7-ba82-c07f15095edc"
},
{
"db": "ZDI",
"id": "ZDI-19-1032"
},
{
"db": "ZDI",
"id": "ZDI-19-450"
},
{
"db": "ZDI",
"id": "ZDI-19-449"
},
{
"db": "ZDI",
"id": "ZDI-18-1107"
},
{
"db": "CNVD",
"id": "CNVD-2019-42805"
},
{
"db": "CNVD",
"id": "CNVD-2018-21173"
},
{
"db": "BID",
"id": "108503"
},
{
"db": "BID",
"id": "105710"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010754"
},
{
"db": "NVD",
"id": "CVE-2018-14810"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-243"
}
]
},
"id": "VAR-201810-0394",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2fdde6e-39ab-11e9-ab9a-000c29342cb1"
},
{
"db": "IVD",
"id": "bc269758-613b-47a7-ba82-c07f15095edc"
},
{
"db": "CNVD",
"id": "CNVD-2019-42805"
},
{
"db": "CNVD",
"id": "CNVD-2018-21173"
}
],
"trust": 2.20006225
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.6
}
],
"sources": [
{
"db": "IVD",
"id": "e2fdde6e-39ab-11e9-ab9a-000c29342cb1"
},
{
"db": "IVD",
"id": "bc269758-613b-47a7-ba82-c07f15095edc"
},
{
"db": "CNVD",
"id": "CNVD-2019-42805"
},
{
"db": "CNVD",
"id": "CNVD-2018-21173"
}
]
},
"last_update_date": "2023-12-18T13:08:16.996000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "This vulnerability is being disclosed publicly without a patch in accordance with ZDI policies.06/26/2019 - ZDI provided the vulnerability report to ICS-CERT07/02/2019 - ICS-CERT acknowledged the report and provided an ICS VU#11/19/2019 - ZDI requested any available update11/29/2019 - ZDI requested any available update12/05/2019 - ZDI requested any available update12/18/2019 - ZDI advised ICS-CERT of the intention to publish the report as 0-day on Dec 30 12/02/2021 - The vendor published an update Mitigation:Given the nature of the vulnerability the only salient mitigation strategy is to restrict interaction with the application.",
"trust": 2.1,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-18-277-01--"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.we-con.com.cn/en/index.aspx"
},
{
"title": "Wecon has issued an update to correct this vulnerability. This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 120 day deadline.05/18/18 - ZDI sent the report to ICS-CERT05/22/18 - ICS-CERT acknowledged, confirmed the report was sent to the vendor and sent an ICS-VU #09/17/18 - ZDI asked ICS-CERT to confirm the report remains unpatched and to advise the vendor of the intent to publish the report as 0-day on 10/02/18-- Mitigation:Given the nature of the vulnerability the only salient mitigation strategy is to restrict interaction with the application to trusted files.",
"trust": 0.7,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-18-277-01"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-1032"
},
{
"db": "ZDI",
"id": "ZDI-19-450"
},
{
"db": "ZDI",
"id": "ZDI-19-449"
},
{
"db": "ZDI",
"id": "ZDI-18-1107"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010754"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010754"
},
{
"db": "NVD",
"id": "CVE-2018-14810"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-277-01"
},
{
"trust": 2.1,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-18-277-01--"
},
{
"trust": 0.9,
"url": "https://www.zerodayinitiative.com/advisories/zdi-19-450/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-14810"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14810"
},
{
"trust": 0.7,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-18-277-01"
},
{
"trust": 0.3,
"url": "http://www.we-con.com.cn/en"
},
{
"trust": 0.3,
"url": "http://www.we-con.com.cn/en/download_45.html"
},
{
"trust": 0.3,
"url": "https://www.zerodayinitiative.com/advisories/zdi-19-449/"
},
{
"trust": 0.3,
"url": "http://www.we-con.com.cn/en/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-1032"
},
{
"db": "ZDI",
"id": "ZDI-19-450"
},
{
"db": "ZDI",
"id": "ZDI-19-449"
},
{
"db": "ZDI",
"id": "ZDI-18-1107"
},
{
"db": "CNVD",
"id": "CNVD-2019-42805"
},
{
"db": "CNVD",
"id": "CNVD-2018-21173"
},
{
"db": "BID",
"id": "108503"
},
{
"db": "BID",
"id": "105710"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010754"
},
{
"db": "NVD",
"id": "CVE-2018-14810"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-243"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2fdde6e-39ab-11e9-ab9a-000c29342cb1"
},
{
"db": "IVD",
"id": "bc269758-613b-47a7-ba82-c07f15095edc"
},
{
"db": "ZDI",
"id": "ZDI-19-1032"
},
{
"db": "ZDI",
"id": "ZDI-19-450"
},
{
"db": "ZDI",
"id": "ZDI-19-449"
},
{
"db": "ZDI",
"id": "ZDI-18-1107"
},
{
"db": "CNVD",
"id": "CNVD-2019-42805"
},
{
"db": "CNVD",
"id": "CNVD-2018-21173"
},
{
"db": "BID",
"id": "108503"
},
{
"db": "BID",
"id": "105710"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010754"
},
{
"db": "NVD",
"id": "CVE-2018-14810"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-243"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-18T00:00:00",
"db": "IVD",
"id": "e2fdde6e-39ab-11e9-ab9a-000c29342cb1"
},
{
"date": "2019-11-29T00:00:00",
"db": "IVD",
"id": "bc269758-613b-47a7-ba82-c07f15095edc"
},
{
"date": "2019-12-30T00:00:00",
"db": "ZDI",
"id": "ZDI-19-1032"
},
{
"date": "2019-05-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-450"
},
{
"date": "2019-05-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-449"
},
{
"date": "2018-10-02T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1107"
},
{
"date": "2019-11-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-42805"
},
{
"date": "2018-10-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-21173"
},
{
"date": "2019-05-02T00:00:00",
"db": "BID",
"id": "108503"
},
{
"date": "2018-10-04T00:00:00",
"db": "BID",
"id": "105710"
},
{
"date": "2018-12-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010754"
},
{
"date": "2018-10-08T12:29:00.283000",
"db": "NVD",
"id": "CVE-2018-14810"
},
{
"date": "2018-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-243"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-03T00:00:00",
"db": "ZDI",
"id": "ZDI-19-1032"
},
{
"date": "2021-12-03T00:00:00",
"db": "ZDI",
"id": "ZDI-19-450"
},
{
"date": "2021-12-03T00:00:00",
"db": "ZDI",
"id": "ZDI-19-449"
},
{
"date": "2021-12-02T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1107"
},
{
"date": "2019-11-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-42805"
},
{
"date": "2018-10-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-21173"
},
{
"date": "2019-05-02T00:00:00",
"db": "BID",
"id": "108503"
},
{
"date": "2018-10-04T00:00:00",
"db": "BID",
"id": "105710"
},
{
"date": "2018-12-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010754"
},
{
"date": "2019-10-09T23:35:15.593000",
"db": "NVD",
"id": "CVE-2018-14810"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-243"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "108503"
},
{
"db": "BID",
"id": "105710"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "(0Day) WECON PIStudio HSC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability",
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-1032"
},
{
"db": "ZDI",
"id": "ZDI-19-450"
},
{
"db": "ZDI",
"id": "ZDI-19-449"
}
],
"trust": 2.1
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "e2fdde6e-39ab-11e9-ab9a-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-243"
}
],
"trust": 0.8
}
}
VAR-201810-0434
Vulnerability from variot - Updated: 2023-12-18 13:08In WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior when parsing project files, the XMLParser that ships with Wecon PIStudio is vulnerable to a XML external entity injection attack, which may allow sensitive information disclosure. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Wecon PIStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the processing of project files. Due to the improper restriction of XML External Entity (XXE) references, a specially crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose information under the context of Administrator. Failed exploit attempts will likely cause denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201810-0434",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "pi studio hmi",
"scope": "lte",
"trust": 1.0,
"vendor": "we con",
"version": "4.1.9"
},
{
"model": "pi studio",
"scope": "lte",
"trust": 1.0,
"vendor": "we con",
"version": "4.2.34"
},
{
"model": "pi studio",
"scope": "lte",
"trust": 0.8,
"vendor": "wecon",
"version": "4.2.34"
},
{
"model": "pi studio hmi",
"scope": "lte",
"trust": 0.8,
"vendor": "wecon",
"version": "4.1.9"
},
{
"model": "pistudio",
"scope": null,
"trust": 0.7,
"vendor": "wecon",
"version": null
},
{
"model": "pi studio hmi",
"scope": "lte",
"trust": 0.6,
"vendor": "wecon",
"version": "\u003c=4.1.9"
},
{
"model": "pi studio",
"scope": "lte",
"trust": 0.6,
"vendor": "wecon",
"version": "\u003c=4.2.34"
},
{
"model": "pi studio hmi",
"scope": "eq",
"trust": 0.6,
"vendor": "we con",
"version": "4.1.9"
},
{
"model": "pi studio",
"scope": "eq",
"trust": 0.6,
"vendor": "we con",
"version": "4.2.34"
},
{
"model": "pi studio hmi project programmer",
"scope": "eq",
"trust": 0.3,
"vendor": "wecon",
"version": "4.1.9"
},
{
"model": "pi studio",
"scope": "eq",
"trust": 0.3,
"vendor": "wecon",
"version": "4.2.34"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pi studio",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pi studio hmi",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2fdb75e-39ab-11e9-851d-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-1106"
},
{
"db": "CNVD",
"id": "CNVD-2018-21174"
},
{
"db": "BID",
"id": "105710"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010757"
},
{
"db": "NVD",
"id": "CVE-2018-17889"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-245"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:we-con:pi_studio:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.2.34",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:we-con:pi_studio_hmi:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.1.9",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-17889"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mat Powell - Trend Micro Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-1106"
}
],
"trust": 0.7
},
"cve": "CVE-2018-17889",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-17889",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2018-17889",
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
"version": "2"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "CNVD-2018-21174",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "e2fdb75e-39ab-11e9-851d-000c29342cb1",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:N/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-17889",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-17889",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "ZDI",
"id": "CVE-2018-17889",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-21174",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201810-245",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "e2fdb75e-39ab-11e9-851d-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2fdb75e-39ab-11e9-851d-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-1106"
},
{
"db": "CNVD",
"id": "CNVD-2018-21174"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010757"
},
{
"db": "NVD",
"id": "CVE-2018-17889"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-245"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior when parsing project files, the XMLParser that ships with Wecon PIStudio is vulnerable to a XML external entity injection attack, which may allow sensitive information disclosure. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Wecon PIStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the processing of project files. Due to the improper restriction of XML External Entity (XXE) references, a specially crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose information under the context of Administrator. Failed exploit attempts will likely cause denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-17889"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010757"
},
{
"db": "ZDI",
"id": "ZDI-18-1106"
},
{
"db": "CNVD",
"id": "CNVD-2018-21174"
},
{
"db": "BID",
"id": "105710"
},
{
"db": "IVD",
"id": "e2fdb75e-39ab-11e9-851d-000c29342cb1"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-17889",
"trust": 4.2
},
{
"db": "ICS CERT",
"id": "ICSA-18-277-01",
"trust": 3.3
},
{
"db": "CNVD",
"id": "CNVD-2018-21174",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201810-245",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010757",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-6162",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-1106",
"trust": 0.7
},
{
"db": "BID",
"id": "105710",
"trust": 0.3
},
{
"db": "IVD",
"id": "E2FDB75E-39AB-11E9-851D-000C29342CB1",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e2fdb75e-39ab-11e9-851d-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-1106"
},
{
"db": "CNVD",
"id": "CNVD-2018-21174"
},
{
"db": "BID",
"id": "105710"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010757"
},
{
"db": "NVD",
"id": "CVE-2018-17889"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-245"
}
]
},
"id": "VAR-201810-0434",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2fdb75e-39ab-11e9-851d-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-21174"
}
],
"trust": 1.40006225
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2fdb75e-39ab-11e9-851d-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-21174"
}
]
},
"last_update_date": "2023-12-18T13:08:16.913000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.we-con.com.cn/en/index.aspx"
},
{
"title": "Wecon has issued an update to correct this vulnerability. This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 120 day deadline.05/08/18 - ZDI sent the report to ICS-CERT05/09/18 - ICS-CERT acknowledged, confirmed the report was sent to the vendor and sent an ICS-VU #09/17/18 - ZDI asked ICS-CERT to confirm the report remains unpatched and to advise the vendor of the intent to publish the report as 0-day on 10/02/18-- Mitigation:Given the nature of the vulnerability the only salient mitigation strategy is to restrict interaction with the application to trusted files.",
"trust": 0.7,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-18-277-01"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-1106"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010757"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-611",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010757"
},
{
"db": "NVD",
"id": "CVE-2018-17889"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-277-01"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-17889"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-17889"
},
{
"trust": 0.7,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-18-277-01"
},
{
"trust": 0.3,
"url": "http://www.we-con.com.cn/en/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-1106"
},
{
"db": "CNVD",
"id": "CNVD-2018-21174"
},
{
"db": "BID",
"id": "105710"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010757"
},
{
"db": "NVD",
"id": "CVE-2018-17889"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-245"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2fdb75e-39ab-11e9-851d-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-1106"
},
{
"db": "CNVD",
"id": "CNVD-2018-21174"
},
{
"db": "BID",
"id": "105710"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010757"
},
{
"db": "NVD",
"id": "CVE-2018-17889"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-245"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-18T00:00:00",
"db": "IVD",
"id": "e2fdb75e-39ab-11e9-851d-000c29342cb1"
},
{
"date": "2018-10-02T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1106"
},
{
"date": "2018-10-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-21174"
},
{
"date": "2018-10-04T00:00:00",
"db": "BID",
"id": "105710"
},
{
"date": "2018-12-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010757"
},
{
"date": "2018-10-08T12:29:00.517000",
"db": "NVD",
"id": "CVE-2018-17889"
},
{
"date": "2018-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-245"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-02T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1106"
},
{
"date": "2018-10-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-21174"
},
{
"date": "2018-10-04T00:00:00",
"db": "BID",
"id": "105710"
},
{
"date": "2018-12-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010757"
},
{
"date": "2019-10-09T23:36:59.817000",
"db": "NVD",
"id": "CVE-2018-17889"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-245"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-245"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WECON Technology Co., Ltd. PI Studio HMI and PI Studio In XML External entity vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010757"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Code problem",
"sources": [
{
"db": "IVD",
"id": "e2fdb75e-39ab-11e9-851d-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-245"
}
],
"trust": 0.8
}
}
VAR-201903-1000
Vulnerability from variot - Updated: 2023-12-18 13:08WECON Technology PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior lacks proper validation of user-supplied data, which may result in a read past the end of an allocated object. WECON Technology PI Studio HMI and PI Studio Contains an out-of-bounds vulnerability.Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Wecon PIStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of images within DAT files. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of an administrator. The vulnerability stems from the program's failure to properly validate user-submitted data. No detailed vulnerability details are provided at this time. Failed exploit attempts will likely cause denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201903-1000",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "pi studio hmi",
"scope": "lte",
"trust": 1.0,
"vendor": "we con",
"version": "4.1.9"
},
{
"model": "pi studio",
"scope": "lte",
"trust": 1.0,
"vendor": "we con",
"version": "4.2.34"
},
{
"model": "pi studio",
"scope": "lte",
"trust": 0.8,
"vendor": "wecon",
"version": "4.2.34"
},
{
"model": "pi studio hmi",
"scope": "lte",
"trust": 0.8,
"vendor": "wecon",
"version": "4.1.9"
},
{
"model": "pistudio",
"scope": null,
"trust": 0.7,
"vendor": "wecon",
"version": null
},
{
"model": "pi studio hmi",
"scope": "lte",
"trust": 0.6,
"vendor": "wecon",
"version": "\u003c=4.1.9"
},
{
"model": "pi studio",
"scope": "lte",
"trust": 0.6,
"vendor": "wecon",
"version": "\u003c=4.2.34"
},
{
"model": "pi studio hmi project programmer",
"scope": "eq",
"trust": 0.3,
"vendor": "wecon",
"version": "4.1.9"
},
{
"model": "pi studio",
"scope": "eq",
"trust": 0.3,
"vendor": "wecon",
"version": "4.2.34"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pi studio",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pi studio hmi",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "51b2d414-3909-4a29-af6d-c70c0f4b727b"
},
{
"db": "ZDI",
"id": "ZDI-18-1108"
},
{
"db": "CNVD",
"id": "CNVD-2019-44956"
},
{
"db": "BID",
"id": "105710"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015137"
},
{
"db": "NVD",
"id": "CVE-2018-14814"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:we-con:pi_studio_hmi:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.1.9",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:we-con:pi_studio:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.2.34",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-14814"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mat Powell - Trend Micro Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-1108"
}
],
"trust": 0.7
},
"cve": "CVE-2018-14814",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-14814",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2018-14814",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "CNVD-2019-44956",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "51b2d414-3909-4a29-af6d-c70c0f4b727b",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-14814",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-14814",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "ZDI",
"id": "CVE-2018-14814",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2019-44956",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201810-491",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "51b2d414-3909-4a29-af6d-c70c0f4b727b",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "51b2d414-3909-4a29-af6d-c70c0f4b727b"
},
{
"db": "ZDI",
"id": "ZDI-18-1108"
},
{
"db": "CNVD",
"id": "CNVD-2019-44956"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015137"
},
{
"db": "NVD",
"id": "CVE-2018-14814"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-491"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WECON Technology PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior lacks proper validation of user-supplied data, which may result in a read past the end of an allocated object. WECON Technology PI Studio HMI and PI Studio Contains an out-of-bounds vulnerability.Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Wecon PIStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of images within DAT files. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of an administrator. The vulnerability stems from the program\u0027s failure to properly validate user-submitted data. No detailed vulnerability details are provided at this time. Failed exploit attempts will likely cause denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-14814"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015137"
},
{
"db": "ZDI",
"id": "ZDI-18-1108"
},
{
"db": "CNVD",
"id": "CNVD-2019-44956"
},
{
"db": "BID",
"id": "105710"
},
{
"db": "IVD",
"id": "51b2d414-3909-4a29-af6d-c70c0f4b727b"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-14814",
"trust": 4.2
},
{
"db": "ICS CERT",
"id": "ICSA-18-277-01",
"trust": 3.3
},
{
"db": "CNVD",
"id": "CNVD-2019-44956",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201810-491",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015137",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-6245",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-1108",
"trust": 0.7
},
{
"db": "BID",
"id": "105710",
"trust": 0.3
},
{
"db": "IVD",
"id": "51B2D414-3909-4A29-AF6D-C70C0F4B727B",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "51b2d414-3909-4a29-af6d-c70c0f4b727b"
},
{
"db": "ZDI",
"id": "ZDI-18-1108"
},
{
"db": "CNVD",
"id": "CNVD-2019-44956"
},
{
"db": "BID",
"id": "105710"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015137"
},
{
"db": "NVD",
"id": "CVE-2018-14814"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-491"
}
]
},
"id": "VAR-201903-1000",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "51b2d414-3909-4a29-af6d-c70c0f4b727b"
},
{
"db": "CNVD",
"id": "CNVD-2019-44956"
}
],
"trust": 1.40006225
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "51b2d414-3909-4a29-af6d-c70c0f4b727b"
},
{
"db": "CNVD",
"id": "CNVD-2019-44956"
}
]
},
"last_update_date": "2023-12-18T13:08:16.871000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.we-con.com.cn/en/"
},
{
"title": "Wecon has issued an update to correct this vulnerability. This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 120 day deadline.05/18/18 - ZDI sent the report to ICS-CERT05/22/18 - ICS-CERT acknowledged, confirmed the report was sent to the vendor and sent an ICS-VU #09/17/18 - ZDI asked ICS-CERT to confirm the report remains unpatched and to advise the vendor of the intent to publish the report as 0-day on 10/02/18-- Mitigation:Given the nature of the vulnerability the only salient mitigation strategy is to restrict interaction with the application to trusted files.",
"trust": 0.7,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-18-277-01"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-1108"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015137"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015137"
},
{
"db": "NVD",
"id": "CVE-2018-14814"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-277-01"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14814"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-14814"
},
{
"trust": 0.7,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-18-277-01"
},
{
"trust": 0.3,
"url": "http://www.we-con.com.cn/en/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-1108"
},
{
"db": "CNVD",
"id": "CNVD-2019-44956"
},
{
"db": "BID",
"id": "105710"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015137"
},
{
"db": "NVD",
"id": "CVE-2018-14814"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-491"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "51b2d414-3909-4a29-af6d-c70c0f4b727b"
},
{
"db": "ZDI",
"id": "ZDI-18-1108"
},
{
"db": "CNVD",
"id": "CNVD-2019-44956"
},
{
"db": "BID",
"id": "105710"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015137"
},
{
"db": "NVD",
"id": "CVE-2018-14814"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-491"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-12-11T00:00:00",
"db": "IVD",
"id": "51b2d414-3909-4a29-af6d-c70c0f4b727b"
},
{
"date": "2018-10-02T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1108"
},
{
"date": "2019-12-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-44956"
},
{
"date": "2018-10-04T00:00:00",
"db": "BID",
"id": "105710"
},
{
"date": "2019-04-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-015137"
},
{
"date": "2019-03-27T20:29:03.660000",
"db": "NVD",
"id": "CVE-2018-14814"
},
{
"date": "2018-10-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-491"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-02T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1108"
},
{
"date": "2019-12-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-44956"
},
{
"date": "2018-10-04T00:00:00",
"db": "BID",
"id": "105710"
},
{
"date": "2019-04-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-015137"
},
{
"date": "2019-10-09T23:35:16.140000",
"db": "NVD",
"id": "CVE-2018-14814"
},
{
"date": "2019-10-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-491"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-491"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WECON Technology PI Studio HMI and PI Studio Vulnerable to out-of-bounds reading",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015137"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "51b2d414-3909-4a29-af6d-c70c0f4b727b"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-491"
}
],
"trust": 0.8
}
}
CVE-2018-17889 (GCVE-0-2018-17889)
Vulnerability from cvelistv5 – Published: 2018-10-08 13:00 – Updated: 2024-09-17 00:15
VLAI?
Summary
In WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior when parsing project files, the XMLParser that ships with Wecon PIStudio is vulnerable to a XML external entity injection attack, which may allow sensitive information disclosure.
Severity ?
No CVSS data available.
CWE
- CWE-611 - INFORMATION EXPOSURE THROUGH XML EXTERNAL ENTITY REFERENCE CWE-611
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| WECON | PI Studio HMI |
Affected:
4.1.9 and prior
|
||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:01:14.662Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PI Studio HMI",
"vendor": "WECON",
"versions": [
{
"status": "affected",
"version": "4.1.9 and prior"
}
]
},
{
"product": "PI Studio",
"vendor": "WECON",
"versions": [
{
"status": "affected",
"version": "4.2.34 and prior"
}
]
}
],
"datePublic": "2018-10-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior when parsing project files, the XMLParser that ships with Wecon PIStudio is vulnerable to a XML external entity injection attack, which may allow sensitive information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "INFORMATION EXPOSURE THROUGH XML EXTERNAL ENTITY REFERENCE CWE-611",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-08T12:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2018-10-04T00:00:00",
"ID": "CVE-2018-17889",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PI Studio HMI",
"version": {
"version_data": [
{
"version_value": "4.1.9 and prior"
}
]
}
},
{
"product_name": "PI Studio",
"version": {
"version_data": [
{
"version_value": "4.2.34 and prior"
}
]
}
}
]
},
"vendor_name": "WECON"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior when parsing project files, the XMLParser that ships with Wecon PIStudio is vulnerable to a XML external entity injection attack, which may allow sensitive information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "INFORMATION EXPOSURE THROUGH XML EXTERNAL ENTITY REFERENCE CWE-611"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-17889",
"datePublished": "2018-10-08T13:00:00Z",
"dateReserved": "2018-10-02T00:00:00",
"dateUpdated": "2024-09-17T00:15:34.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-14818 (GCVE-0-2018-14818)
Vulnerability from cvelistv5 – Published: 2018-10-08 13:00 – Updated: 2024-09-17 02:37
VLAI?
Summary
WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior have a stack-based buffer overflow vulnerability which may allow remote code execution.
Severity ?
No CVSS data available.
CWE
- CWE-121 - STACK-BASED BUFFER OVERFLOW CWE-121
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| WECON | PI Studio HMI |
Affected:
4.1.9 and prior
|
||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:38:14.008Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PI Studio HMI",
"vendor": "WECON",
"versions": [
{
"status": "affected",
"version": "4.1.9 and prior"
}
]
},
{
"product": "PI Studio",
"vendor": "WECON",
"versions": [
{
"status": "affected",
"version": "4.2.34 and prior"
}
]
}
],
"datePublic": "2018-10-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior have a stack-based buffer overflow vulnerability which may allow remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "STACK-BASED BUFFER OVERFLOW CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-08T12:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2018-10-04T00:00:00",
"ID": "CVE-2018-14818",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PI Studio HMI",
"version": {
"version_data": [
{
"version_value": "4.1.9 and prior"
}
]
}
},
{
"product_name": "PI Studio",
"version": {
"version_data": [
{
"version_value": "4.2.34 and prior"
}
]
}
}
]
},
"vendor_name": "WECON"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior have a stack-based buffer overflow vulnerability which may allow remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "STACK-BASED BUFFER OVERFLOW CWE-121"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-14818",
"datePublished": "2018-10-08T13:00:00Z",
"dateReserved": "2018-08-01T00:00:00",
"dateUpdated": "2024-09-17T02:37:32.231Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-14810 (GCVE-0-2018-14810)
Vulnerability from cvelistv5 – Published: 2018-10-08 13:00 – Updated: 2024-09-16 18:18
VLAI?
Summary
WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior parse files and pass invalidated user data to an unsafe method call, which may allow code to be executed in the context of an administrator.
Severity ?
No CVSS data available.
CWE
- CWE-787 - OUT-OF-BOUNDS WRITE CWE-787
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| WECON | PI Studio HMI |
Affected:
4.1.9 and prior
|
||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:38:14.059Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PI Studio HMI",
"vendor": "WECON",
"versions": [
{
"status": "affected",
"version": "4.1.9 and prior"
}
]
},
{
"product": "PI Studio",
"vendor": "WECON",
"versions": [
{
"status": "affected",
"version": "4.2.34 and prior"
}
]
}
],
"datePublic": "2018-10-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior parse files and pass invalidated user data to an unsafe method call, which may allow code to be executed in the context of an administrator."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "OUT-OF-BOUNDS WRITE CWE-787",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-08T12:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2018-10-04T00:00:00",
"ID": "CVE-2018-14810",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PI Studio HMI",
"version": {
"version_data": [
{
"version_value": "4.1.9 and prior"
}
]
}
},
{
"product_name": "PI Studio",
"version": {
"version_data": [
{
"version_value": "4.2.34 and prior"
}
]
}
}
]
},
"vendor_name": "WECON"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior parse files and pass invalidated user data to an unsafe method call, which may allow code to be executed in the context of an administrator."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OUT-OF-BOUNDS WRITE CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-14810",
"datePublished": "2018-10-08T13:00:00Z",
"dateReserved": "2018-08-01T00:00:00",
"dateUpdated": "2024-09-16T18:18:08.589Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-17889 (GCVE-0-2018-17889)
Vulnerability from nvd – Published: 2018-10-08 13:00 – Updated: 2024-09-17 00:15
VLAI?
Summary
In WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior when parsing project files, the XMLParser that ships with Wecon PIStudio is vulnerable to a XML external entity injection attack, which may allow sensitive information disclosure.
Severity ?
No CVSS data available.
CWE
- CWE-611 - INFORMATION EXPOSURE THROUGH XML EXTERNAL ENTITY REFERENCE CWE-611
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| WECON | PI Studio HMI |
Affected:
4.1.9 and prior
|
||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:01:14.662Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PI Studio HMI",
"vendor": "WECON",
"versions": [
{
"status": "affected",
"version": "4.1.9 and prior"
}
]
},
{
"product": "PI Studio",
"vendor": "WECON",
"versions": [
{
"status": "affected",
"version": "4.2.34 and prior"
}
]
}
],
"datePublic": "2018-10-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior when parsing project files, the XMLParser that ships with Wecon PIStudio is vulnerable to a XML external entity injection attack, which may allow sensitive information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "INFORMATION EXPOSURE THROUGH XML EXTERNAL ENTITY REFERENCE CWE-611",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-08T12:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2018-10-04T00:00:00",
"ID": "CVE-2018-17889",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PI Studio HMI",
"version": {
"version_data": [
{
"version_value": "4.1.9 and prior"
}
]
}
},
{
"product_name": "PI Studio",
"version": {
"version_data": [
{
"version_value": "4.2.34 and prior"
}
]
}
}
]
},
"vendor_name": "WECON"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior when parsing project files, the XMLParser that ships with Wecon PIStudio is vulnerable to a XML external entity injection attack, which may allow sensitive information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "INFORMATION EXPOSURE THROUGH XML EXTERNAL ENTITY REFERENCE CWE-611"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-17889",
"datePublished": "2018-10-08T13:00:00Z",
"dateReserved": "2018-10-02T00:00:00",
"dateUpdated": "2024-09-17T00:15:34.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-14818 (GCVE-0-2018-14818)
Vulnerability from nvd – Published: 2018-10-08 13:00 – Updated: 2024-09-17 02:37
VLAI?
Summary
WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior have a stack-based buffer overflow vulnerability which may allow remote code execution.
Severity ?
No CVSS data available.
CWE
- CWE-121 - STACK-BASED BUFFER OVERFLOW CWE-121
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| WECON | PI Studio HMI |
Affected:
4.1.9 and prior
|
||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:38:14.008Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PI Studio HMI",
"vendor": "WECON",
"versions": [
{
"status": "affected",
"version": "4.1.9 and prior"
}
]
},
{
"product": "PI Studio",
"vendor": "WECON",
"versions": [
{
"status": "affected",
"version": "4.2.34 and prior"
}
]
}
],
"datePublic": "2018-10-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior have a stack-based buffer overflow vulnerability which may allow remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "STACK-BASED BUFFER OVERFLOW CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-08T12:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2018-10-04T00:00:00",
"ID": "CVE-2018-14818",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PI Studio HMI",
"version": {
"version_data": [
{
"version_value": "4.1.9 and prior"
}
]
}
},
{
"product_name": "PI Studio",
"version": {
"version_data": [
{
"version_value": "4.2.34 and prior"
}
]
}
}
]
},
"vendor_name": "WECON"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior have a stack-based buffer overflow vulnerability which may allow remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "STACK-BASED BUFFER OVERFLOW CWE-121"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-14818",
"datePublished": "2018-10-08T13:00:00Z",
"dateReserved": "2018-08-01T00:00:00",
"dateUpdated": "2024-09-17T02:37:32.231Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-14810 (GCVE-0-2018-14810)
Vulnerability from nvd – Published: 2018-10-08 13:00 – Updated: 2024-09-16 18:18
VLAI?
Summary
WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior parse files and pass invalidated user data to an unsafe method call, which may allow code to be executed in the context of an administrator.
Severity ?
No CVSS data available.
CWE
- CWE-787 - OUT-OF-BOUNDS WRITE CWE-787
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| WECON | PI Studio HMI |
Affected:
4.1.9 and prior
|
||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:38:14.059Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PI Studio HMI",
"vendor": "WECON",
"versions": [
{
"status": "affected",
"version": "4.1.9 and prior"
}
]
},
{
"product": "PI Studio",
"vendor": "WECON",
"versions": [
{
"status": "affected",
"version": "4.2.34 and prior"
}
]
}
],
"datePublic": "2018-10-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior parse files and pass invalidated user data to an unsafe method call, which may allow code to be executed in the context of an administrator."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "OUT-OF-BOUNDS WRITE CWE-787",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-08T12:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2018-10-04T00:00:00",
"ID": "CVE-2018-14810",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PI Studio HMI",
"version": {
"version_data": [
{
"version_value": "4.1.9 and prior"
}
]
}
},
{
"product_name": "PI Studio",
"version": {
"version_data": [
{
"version_value": "4.2.34 and prior"
}
]
}
}
]
},
"vendor_name": "WECON"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior parse files and pass invalidated user data to an unsafe method call, which may allow code to be executed in the context of an administrator."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OUT-OF-BOUNDS WRITE CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-14810",
"datePublished": "2018-10-08T13:00:00Z",
"dateReserved": "2018-08-01T00:00:00",
"dateUpdated": "2024-09-16T18:18:08.589Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}