Vulnerabilites related to deltaww - commgr
cve-2018-10594
Vulnerability from cvelistv5
Published
2018-06-26 20:00
Modified
2024-09-16 16:58
Severity ?
EPSS score ?
Summary
Delta Industrial Automation COMMGR from Delta Electronics versions 1.08 and prior with accompanying PLC Simulators (DVPSimulator EH2, EH3, ES2, SE, SS2 and AHSIM_5x0, AHSIM_5x1) utilize a fixed-length stack buffer where an unverified length value can be read from the network packets via a specific network port, causing the buffer to be overwritten. This may allow remote code execution, cause the application to crash, or result in a denial-of-service condition in the application server.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/104529 | vdb-entry, x_refsource_BID | |
| https://www.exploit-db.com/exploits/44965/ | exploit, x_refsource_EXPLOIT-DB | |
| https://ics-cert.us-cert.gov/advisories/ICSA-18-172-01 | x_refsource_MISC | |
| https://www.exploit-db.com/exploits/45574/ | exploit, x_refsource_EXPLOIT-DB |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ICS-CERT | Delta Industrial Automation COMMGR and accompanying PLC Simulators (DVPSimulator EH2, EH3, ES2, SE, SS2 and AHSIM_5x0, AHSIM_5x1) |
Version: Version 1.08 and prior |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:39:08.535Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104529",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104529"
},
{
"name": "44965",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/44965/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-172-01"
},
{
"name": "45574",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45574/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Delta Industrial Automation COMMGR and accompanying PLC Simulators (DVPSimulator EH2, EH3, ES2, SE, SS2 and AHSIM_5x0, AHSIM_5x1)",
"vendor": "ICS-CERT",
"versions": [
{
"status": "affected",
"version": "Version 1.08 and prior"
}
]
}
],
"datePublic": "2018-06-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Delta Industrial Automation COMMGR from Delta Electronics versions 1.08 and prior with accompanying PLC Simulators (DVPSimulator EH2, EH3, ES2, SE, SS2 and AHSIM_5x0, AHSIM_5x1) utilize a fixed-length stack buffer where an unverified length value can be read from the network packets via a specific network port, causing the buffer to be overwritten. This may allow remote code execution, cause the application to crash, or result in a denial-of-service condition in the application server."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "STACK-BASED BUFFER OVERFLOW CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T09:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "104529",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104529"
},
{
"name": "44965",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/44965/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-172-01"
},
{
"name": "45574",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45574/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2018-06-21T00:00:00",
"ID": "CVE-2018-10594",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Delta Industrial Automation COMMGR and accompanying PLC Simulators (DVPSimulator EH2, EH3, ES2, SE, SS2 and AHSIM_5x0, AHSIM_5x1)",
"version": {
"version_data": [
{
"version_value": "Version 1.08 and prior"
}
]
}
}
]
},
"vendor_name": "ICS-CERT"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Delta Industrial Automation COMMGR from Delta Electronics versions 1.08 and prior with accompanying PLC Simulators (DVPSimulator EH2, EH3, ES2, SE, SS2 and AHSIM_5x0, AHSIM_5x1) utilize a fixed-length stack buffer where an unverified length value can be read from the network packets via a specific network port, causing the buffer to be overwritten. This may allow remote code execution, cause the application to crash, or result in a denial-of-service condition in the application server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "STACK-BASED BUFFER OVERFLOW CWE-121"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104529",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104529"
},
{
"name": "44965",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44965/"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-172-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-172-01"
},
{
"name": "45574",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45574/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-10594",
"datePublished": "2018-06-26T20:00:00Z",
"dateReserved": "2018-05-01T00:00:00",
"dateUpdated": "2024-09-16T16:58:55.973Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2018-06-26 20:29
Modified
2024-11-21 03:41
Severity ?
Summary
Delta Industrial Automation COMMGR from Delta Electronics versions 1.08 and prior with accompanying PLC Simulators (DVPSimulator EH2, EH3, ES2, SE, SS2 and AHSIM_5x0, AHSIM_5x1) utilize a fixed-length stack buffer where an unverified length value can be read from the network packets via a specific network port, causing the buffer to be overwritten. This may allow remote code execution, cause the application to crash, or result in a denial-of-service condition in the application server.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | http://www.securityfocus.com/bid/104529 | Third Party Advisory, VDB Entry | |
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-18-172-01 | Third Party Advisory, US Government Resource | |
| ics-cert@hq.dhs.gov | https://www.exploit-db.com/exploits/44965/ | Exploit, Third Party Advisory, VDB Entry | |
| ics-cert@hq.dhs.gov | https://www.exploit-db.com/exploits/45574/ | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104529 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-18-172-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/44965/ | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/45574/ | Exploit, Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| deltaww | commgr | * | |
| deltaww | dvpsimulator_ahsim_5x0 | - | |
| deltaww | dvpsimulator_ahsim_5x1 | - | |
| deltaww | dvpsimulator_eh2 | - | |
| deltaww | dvpsimulator_es2 | - | |
| deltaww | dvpsimulator_h3 | - | |
| deltaww | dvpsimulator_se | - | |
| deltaww | dvpsimulator_ss2 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:deltaww:commgr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24F6AC59-770C-4AE3-B010-531E6C19ECD4",
"versionEndIncluding": "1.08",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:deltaww:dvpsimulator_ahsim_5x0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61167A94-F65E-4179-B860-80A7E9A89117",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:deltaww:dvpsimulator_ahsim_5x1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D8A5379-465C-4BFA-8C8A-3BD2EDC4463C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:deltaww:dvpsimulator_eh2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C584385C-E9B7-470A-A19A-246EC4A7B41C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:deltaww:dvpsimulator_es2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8824D80A-7D15-4AD0-8AEF-DDE985669292",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:deltaww:dvpsimulator_h3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37CD6D94-226D-42D0-8EB7-33C7FC47F312",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:deltaww:dvpsimulator_se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9D4DF3F-F869-4708-8738-7F4ABE317F4D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:deltaww:dvpsimulator_ss2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B78281E-2ED8-463C-B717-4E01C4E0678B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Delta Industrial Automation COMMGR from Delta Electronics versions 1.08 and prior with accompanying PLC Simulators (DVPSimulator EH2, EH3, ES2, SE, SS2 and AHSIM_5x0, AHSIM_5x1) utilize a fixed-length stack buffer where an unverified length value can be read from the network packets via a specific network port, causing the buffer to be overwritten. This may allow remote code execution, cause the application to crash, or result in a denial-of-service condition in the application server."
},
{
"lang": "es",
"value": "Delta Industrial Automation COMMGR de Delta Electronics en versiones 1.08 y anteriores con sus simuladores PLC (DVPSimulator EH2, EH3, ES2, SE, SS2 y AHSIM_5x0, AHSIM_5x1) utiliza un b\u00fafer de pila de longitud fija en el que se puede leer un valor de longitud no verificado desde los paquetes de red mediante un puerto de red espec\u00edfico, provocando la sobrescritura del b\u00fafer. Esto puede permitir la ejecuci\u00f3n remota de c\u00f3digo, provocando el cierre inesperado de la aplicaci\u00f3n o resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en el servidor de la aplicaci\u00f3n."
}
],
"id": "CVE-2018-10594",
"lastModified": "2024-11-21T03:41:37.600",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-26T20:29:00.227",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104529"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-172-01"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/44965/"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/45574/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104529"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-172-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/44965/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/45574/"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
var-201806-0554
Vulnerability from variot
Delta Industrial Automation COMMGR from Delta Electronics versions 1.08 and prior with accompanying PLC Simulators (DVPSimulator EH2, EH3, ES2, SE, SS2 and AHSIM_5x0, AHSIM_5x1) utilize a fixed-length stack buffer where an unverified length value can be read from the network packets via a specific network port, causing the buffer to be overwritten. This may allow remote code execution, cause the application to crash, or result in a denial-of-service condition in the application server. Delta Industrial Automation COMMGR Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation COMMGR. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of TCP packets sent to COMMGR. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of the COMMGR process. Delta Industrial Automation COMMGR is a communications management software from Delta Electronics. Failed exploit attempts will likely cause a denial-of-service condition. Industrial Automation COMMGR 1.08 and prior are vulnerable
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "commgr",
"scope": null,
"trust": 2.8,
"vendor": "delta industrial automation",
"version": null
},
{
"_id": null,
"model": "commgr",
"scope": "lte",
"trust": 1.0,
"vendor": "deltaww",
"version": "1.08"
},
{
"_id": null,
"model": "commgr",
"scope": "lte",
"trust": 0.8,
"vendor": "delta",
"version": "1.08"
},
{
"_id": null,
"model": "electronics delta industrial automation commgr",
"scope": "lte",
"trust": 0.6,
"vendor": "delta",
"version": "\u003c=1.08"
},
{
"_id": null,
"model": "electronics delta industrial automation commgr ahsim 5x0",
"scope": null,
"trust": 0.6,
"vendor": "delta",
"version": null
},
{
"_id": null,
"model": "electronics delta industrial automation commgr ahsim 5x1",
"scope": null,
"trust": 0.6,
"vendor": "delta",
"version": null
},
{
"_id": null,
"model": "electronics delta industrial automation commgr dvpsimulator eh2",
"scope": null,
"trust": 0.6,
"vendor": "delta",
"version": null
},
{
"_id": null,
"model": "electronics delta industrial automation commgr dvpsimulator eh3",
"scope": null,
"trust": 0.6,
"vendor": "delta",
"version": null
},
{
"_id": null,
"model": "electronics delta industrial automation commgr dvpsimulator es2",
"scope": null,
"trust": 0.6,
"vendor": "delta",
"version": null
},
{
"_id": null,
"model": "electronics delta industrial automation commgr dvpsimulator se",
"scope": null,
"trust": 0.6,
"vendor": "delta",
"version": null
},
{
"_id": null,
"model": "electronics delta industrial automation commgr dvpsimulator ss2",
"scope": null,
"trust": 0.6,
"vendor": "delta",
"version": null
},
{
"_id": null,
"model": "commgr",
"scope": "eq",
"trust": 0.6,
"vendor": "deltaww",
"version": "1.08"
},
{
"_id": null,
"model": "electronics inc industrial automation commgr",
"scope": "eq",
"trust": 0.3,
"vendor": "delta",
"version": "1.08"
},
{
"_id": null,
"model": "electronics inc dvpsimulator ss2",
"scope": "eq",
"trust": 0.3,
"vendor": "delta",
"version": "0"
},
{
"_id": null,
"model": "electronics inc dvpsimulator se",
"scope": "eq",
"trust": 0.3,
"vendor": "delta",
"version": "0"
},
{
"_id": null,
"model": "electronics inc dvpsimulator es2",
"scope": "eq",
"trust": 0.3,
"vendor": "delta",
"version": "0"
},
{
"_id": null,
"model": "electronics inc dvpsimulator eh3",
"scope": "eq",
"trust": 0.3,
"vendor": "delta",
"version": "0"
},
{
"_id": null,
"model": "electronics inc dvpsimulator eh2",
"scope": "eq",
"trust": 0.3,
"vendor": "delta",
"version": "0"
},
{
"_id": null,
"model": "electronics inc ahsim",
"scope": "eq",
"trust": 0.3,
"vendor": "delta",
"version": "5x1"
},
{
"_id": null,
"model": "electronics inc ahsim",
"scope": "eq",
"trust": 0.3,
"vendor": "delta",
"version": "5x0"
},
{
"_id": null,
"model": "electronics inc industrial automation commgr",
"scope": "ne",
"trust": 0.3,
"vendor": "delta",
"version": "1.09"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "commgr",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-587"
},
{
"db": "ZDI",
"id": "ZDI-18-586"
},
{
"db": "ZDI",
"id": "ZDI-18-588"
},
{
"db": "ZDI",
"id": "ZDI-18-585"
},
{
"db": "CNVD",
"id": "CNVD-2018-12128"
},
{
"db": "BID",
"id": "104529"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006826"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1170"
},
{
"db": "NVD",
"id": "CVE-2018-10594"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:delta_electronics:commgr",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006826"
}
]
},
"credits": {
"_id": null,
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-587"
},
{
"db": "ZDI",
"id": "ZDI-18-586"
},
{
"db": "ZDI",
"id": "ZDI-18-588"
},
{
"db": "ZDI",
"id": "ZDI-18-585"
}
],
"trust": 2.8
},
"cve": "CVE-2018-10594",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-10594",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 4.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-12128",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-10594",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2018-10594",
"trust": 2.8,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2018-10594",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-10594",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2018-12128",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201806-1170",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-587"
},
{
"db": "ZDI",
"id": "ZDI-18-586"
},
{
"db": "ZDI",
"id": "ZDI-18-588"
},
{
"db": "ZDI",
"id": "ZDI-18-585"
},
{
"db": "CNVD",
"id": "CNVD-2018-12128"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006826"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1170"
},
{
"db": "NVD",
"id": "CVE-2018-10594"
}
]
},
"description": {
"_id": null,
"data": "Delta Industrial Automation COMMGR from Delta Electronics versions 1.08 and prior with accompanying PLC Simulators (DVPSimulator EH2, EH3, ES2, SE, SS2 and AHSIM_5x0, AHSIM_5x1) utilize a fixed-length stack buffer where an unverified length value can be read from the network packets via a specific network port, causing the buffer to be overwritten. This may allow remote code execution, cause the application to crash, or result in a denial-of-service condition in the application server. Delta Industrial Automation COMMGR Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation COMMGR. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of TCP packets sent to COMMGR. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of the COMMGR process. Delta Industrial Automation COMMGR is a communications management software from Delta Electronics. Failed exploit attempts will likely cause a denial-of-service condition. \nIndustrial Automation COMMGR 1.08 and prior are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-10594"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006826"
},
{
"db": "ZDI",
"id": "ZDI-18-587"
},
{
"db": "ZDI",
"id": "ZDI-18-586"
},
{
"db": "ZDI",
"id": "ZDI-18-588"
},
{
"db": "ZDI",
"id": "ZDI-18-585"
},
{
"db": "CNVD",
"id": "CNVD-2018-12128"
},
{
"db": "BID",
"id": "104529"
},
{
"db": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1"
}
],
"trust": 5.13
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2018-10594",
"trust": 6.3
},
{
"db": "ICS CERT",
"id": "ICSA-18-172-01",
"trust": 2.7
},
{
"db": "BID",
"id": "104529",
"trust": 2.5
},
{
"db": "EXPLOIT-DB",
"id": "44965",
"trust": 1.6
},
{
"db": "EXPLOIT-DB",
"id": "45574",
"trust": 1.6
},
{
"db": "CNVD",
"id": "CNVD-2018-12128",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1170",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006826",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5668",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-587",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5666",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-586",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5667",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-588",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5665",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-585",
"trust": 0.7
},
{
"db": "IVD",
"id": "E2FF3E01-39AB-11E9-A6A4-000C29342CB1",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-587"
},
{
"db": "ZDI",
"id": "ZDI-18-586"
},
{
"db": "ZDI",
"id": "ZDI-18-588"
},
{
"db": "ZDI",
"id": "ZDI-18-585"
},
{
"db": "CNVD",
"id": "CNVD-2018-12128"
},
{
"db": "BID",
"id": "104529"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006826"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1170"
},
{
"db": "NVD",
"id": "CVE-2018-10594"
}
]
},
"id": "VAR-201806-0554",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-12128"
}
],
"trust": 1.8
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-12128"
}
]
},
"last_update_date": "2024-11-23T23:05:06.011000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Delta Industrial Automation has issued an update to correct this vulnerability.",
"trust": 2.8,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-172-01"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.deltaww.com/"
},
{
"title": "Patch for Delta Electronics Delta Industrial Automation COMMGR Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/132857"
},
{
"title": "Delta Industrial Automation COMMGR Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=81478"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-587"
},
{
"db": "ZDI",
"id": "ZDI-18-586"
},
{
"db": "ZDI",
"id": "ZDI-18-588"
},
{
"db": "ZDI",
"id": "ZDI-18-585"
},
{
"db": "CNVD",
"id": "CNVD-2018-12128"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006826"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1170"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
},
{
"problemtype": "CWE-121",
"trust": 1.0
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006826"
},
{
"db": "NVD",
"id": "CVE-2018-10594"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 5.5,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-172-01"
},
{
"trust": 2.8,
"url": "http://www.securityfocus.com/bid/104529"
},
{
"trust": 1.6,
"url": "https://www.exploit-db.com/exploits/45574/"
},
{
"trust": 1.6,
"url": "https://www.exploit-db.com/exploits/44965/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-10594"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10594"
},
{
"trust": 0.3,
"url": "http://www.deltaww.com/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-587"
},
{
"db": "ZDI",
"id": "ZDI-18-586"
},
{
"db": "ZDI",
"id": "ZDI-18-588"
},
{
"db": "ZDI",
"id": "ZDI-18-585"
},
{
"db": "CNVD",
"id": "CNVD-2018-12128"
},
{
"db": "BID",
"id": "104529"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006826"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1170"
},
{
"db": "NVD",
"id": "CVE-2018-10594"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-587",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-586",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-588",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-585",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2018-12128",
"ident": null
},
{
"db": "BID",
"id": "104529",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006826",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1170",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2018-10594",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2018-06-27T00:00:00",
"db": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1",
"ident": null
},
{
"date": "2018-06-26T00:00:00",
"db": "ZDI",
"id": "ZDI-18-587",
"ident": null
},
{
"date": "2018-06-26T00:00:00",
"db": "ZDI",
"id": "ZDI-18-586",
"ident": null
},
{
"date": "2018-06-26T00:00:00",
"db": "ZDI",
"id": "ZDI-18-588",
"ident": null
},
{
"date": "2018-06-26T00:00:00",
"db": "ZDI",
"id": "ZDI-18-585",
"ident": null
},
{
"date": "2018-06-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-12128",
"ident": null
},
{
"date": "2018-06-21T00:00:00",
"db": "BID",
"id": "104529",
"ident": null
},
{
"date": "2018-08-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006826",
"ident": null
},
{
"date": "2018-06-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-1170",
"ident": null
},
{
"date": "2018-06-26T20:29:00.227000",
"db": "NVD",
"id": "CVE-2018-10594",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-06-26T00:00:00",
"db": "ZDI",
"id": "ZDI-18-587",
"ident": null
},
{
"date": "2018-06-26T00:00:00",
"db": "ZDI",
"id": "ZDI-18-586",
"ident": null
},
{
"date": "2018-06-26T00:00:00",
"db": "ZDI",
"id": "ZDI-18-588",
"ident": null
},
{
"date": "2018-06-26T00:00:00",
"db": "ZDI",
"id": "ZDI-18-585",
"ident": null
},
{
"date": "2018-11-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-12128",
"ident": null
},
{
"date": "2018-06-21T00:00:00",
"db": "BID",
"id": "104529",
"ident": null
},
{
"date": "2018-08-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006826",
"ident": null
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-1170",
"ident": null
},
{
"date": "2024-11-21T03:41:37.600000",
"db": "NVD",
"id": "CVE-2018-10594",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201806-1170"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Delta Industrial Automation COMMGR Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006826"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1170"
}
],
"trust": 1.4
},
"type": {
"_id": null,
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1170"
}
],
"trust": 0.8
}
}