cvelistv5 - cve-2018-18989

cve-2018-18989

Vulnerability from cvelistv5

Published

2018-12-04 22:00

Modified

2024-08-05 11:23

Severity ?

Summary

References

URL	Tags
ics-cert@hq.dhs.gov	http://www.securityfocus.com/bid/106106	Third Party Advisory, VDB Entry
ics-cert@hq.dhs.gov	https://ics-cert.us-cert.gov/advisories/ICSA-18-338-01	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/106106	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://ics-cert.us-cert.gov/advisories/ICSA-18-338-01	Third Party Advisory, US Government Resource

Impacted products

	Vendor	Product	Version
	n/a	CX-One (CX-Programmer and CX-Server)	Version: CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T11:23:08.511Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-338-01"
          },
          {
            "name": "106106",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/106106"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "CX-One (CX-Programmer and CX-Server)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior)"
            }
          ]
        }
      ],
      "datePublic": "2018-12-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior), when processing project files, the application fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "USE AFTER FREE CWE-416",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-12-06T10:57:01",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-338-01"
        },
        {
          "name": "106106",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/106106"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2018-18989",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "CX-One (CX-Programmer and CX-Server)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior), when processing project files, the application fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "USE AFTER FREE CWE-416"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-338-01",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-338-01"
            },
            {
              "name": "106106",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/106106"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2018-18989",
    "datePublished": "2018-12-04T22:00:00",
    "dateReserved": "2018-11-06T00:00:00",
    "dateUpdated": "2024-08-05T11:23:08.511Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-18989\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2018-12-04T22:29:00.277\",\"lastModified\":\"2024-11-21T03:56:59.737\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior), when processing project files, the application fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.\"},{\"lang\":\"es\",\"value\":\"En CX-One, en versiones 4.42 y anteriores (CX-Programmer en versiones 9.66 y anteriores y CX-Server en versiones 5.0.23 y anteriores), al procesar archivos de proyecto, la aplicaci\u00f3n no comprueba si se est\u00e1 referenciando memoria liberada. Un atacante podr\u00eda emplear un archivo de proyecto manipulado para explotar y ejecutar c\u00f3digo con los privilegios de la aplicaci\u00f3n.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:omron:cx-one:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.42\",\"matchCriteriaId\":\"6C1865E7-6B16-4F3F-9F49-CFA81A09FAF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:omron:cx-programmer:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"9.66\",\"matchCriteriaId\":\"B6B67C07-935C-419E-A5AE-ACD3CE63594A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:omron:cx-server:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.0.23\",\"matchCriteriaId\":\"15C3D8DD-E0F1-4DA3-8C07-63920456A26F\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/106106\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-18-338-01\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/bid/106106\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-18-338-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]}]}}"
  }
}

ICSA-18-338-01

Vulnerability from csaf_cisa

Published

2018-12-04 00:00

Modified

2018-12-04 00:00

Summary

Omron CX-One

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

Successful exploitation of these vulnerabilities could allow an attacker to execute code under the privileges of the application.

Countries/areas deployed

Worldwide

Company headquarters location

Japan

Recommended Practices

NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:

Recommended Practices

NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.

Recommended Practices

NCCIC also recommends that users take the following measures to protect themselves from social engineering attacks:

Exploitability

No known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Esteban Ruiz (mr_me)"
        ],
        "organization": "Source Incite",
        "summary": "reporting these vulnerabilities to NCCIC"
      },
      {
        "organization": "Trend Micro \u0027s Zero Day Initiative",
        "summary": "reporting these vulnerabilities to NCCIC"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of these vulnerabilities could allow an attacker to execute code under the privileges of the application.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Japan",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "NCCIC also recommends that users take the following measures to protect themselves from social engineering attacks:",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-18-338-01 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2018/icsa-18-338-01.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-18-338-01 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-338-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-338-01"
      }
    ],
    "title": "Omron CX-One",
    "tracking": {
      "current_release_date": "2018-12-04T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-18-338-01",
      "initial_release_date": "2018-12-04T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2018-12-04T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-18-338-01 Omron CX-One"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c= 5.0.23",
                "product": {
                  "name": "CX-Server: Versions 5.0.23 and prior",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "CX-Server"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c= 9.66",
                "product": {
                  "name": "CX-Programmer: Versions 9.66 and prior",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "CX-Programmer"
          }
        ],
        "category": "vendor",
        "name": "Omron"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-18993",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Two stack-based buffer overflow vulnerabilities have been discovered. When processing project files, the application allows input data to exceed the buffer. An attacker could use a specially crafted project file to overflow the buffer and execute code under the privileges of the application.CVE-2018-18993 has been assigned to these vulnerabilities. A CVSS v3 base score of 6.6 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-18993"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Omron has released an updated version of CX-One to address the reported vulnerabilities. These releases are available through the CX-One auto-update service.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "CX-Programmer Versions 9.70, and",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Common Module including CX-Server Version 5.0.24",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2018-18989",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When processing project files, the application fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.CVE-2018-18989 has been assigned to this vulnerability. A CVSS v3 base score of 5.8 has been calculated; the CVSS vector string is (AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-18989"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Omron has released an updated version of CX-One to address the reported vulnerabilities. These releases are available through the CX-One auto-update service.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "CX-Programmer Versions 9.70, and",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Common Module including CX-Server Version 5.0.24",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ]
    }
  ]
}

icsa-18-338-01

Vulnerability from csaf_cisa

Published

2018-12-04 00:00

Modified

2018-12-04 00:00

Summary

Omron CX-One

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

Risk evaluation

Successful exploitation of these vulnerabilities could allow an attacker to execute code under the privileges of the application.

Countries/areas deployed

Worldwide

Company headquarters location

Japan

Recommended Practices

NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:

Recommended Practices

NCCIC also recommends that users take the following measures to protect themselves from social engineering attacks:

Exploitability

No known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Esteban Ruiz (mr_me)"
        ],
        "organization": "Source Incite",
        "summary": "reporting these vulnerabilities to NCCIC"
      },
      {
        "organization": "Trend Micro \u0027s Zero Day Initiative",
        "summary": "reporting these vulnerabilities to NCCIC"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of these vulnerabilities could allow an attacker to execute code under the privileges of the application.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Japan",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "NCCIC also recommends that users take the following measures to protect themselves from social engineering attacks:",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-18-338-01 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2018/icsa-18-338-01.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-18-338-01 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-338-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-338-01"
      }
    ],
    "title": "Omron CX-One",
    "tracking": {
      "current_release_date": "2018-12-04T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-18-338-01",
      "initial_release_date": "2018-12-04T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2018-12-04T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-18-338-01 Omron CX-One"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c= 5.0.23",
                "product": {
                  "name": "CX-Server: Versions 5.0.23 and prior",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "CX-Server"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c= 9.66",
                "product": {
                  "name": "CX-Programmer: Versions 9.66 and prior",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "CX-Programmer"
          }
        ],
        "category": "vendor",
        "name": "Omron"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-18993",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Two stack-based buffer overflow vulnerabilities have been discovered. When processing project files, the application allows input data to exceed the buffer. An attacker could use a specially crafted project file to overflow the buffer and execute code under the privileges of the application.CVE-2018-18993 has been assigned to these vulnerabilities. A CVSS v3 base score of 6.6 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-18993"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Omron has released an updated version of CX-One to address the reported vulnerabilities. These releases are available through the CX-One auto-update service.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "CX-Programmer Versions 9.70, and",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Common Module including CX-Server Version 5.0.24",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2018-18989",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When processing project files, the application fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.CVE-2018-18989 has been assigned to this vulnerability. A CVSS v3 base score of 5.8 has been calculated; the CVSS vector string is (AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-18989"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Omron has released an updated version of CX-One to address the reported vulnerabilities. These releases are available through the CX-One auto-update service.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "CX-Programmer Versions 9.70, and",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        },
        {
          "category": "mitigation",
          "details": "Common Module including CX-Server Version 5.0.24",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ]
    }
  ]
}

gsd-2018-18989

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Aliases

CVE-2018-18989

Aliases

CVE-2018-18989

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-18989",
    "description": "In CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior), when processing project files, the application fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.",
    "id": "GSD-2018-18989"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-18989"
      ],
      "details": "In CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior), when processing project files, the application fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.",
      "id": "GSD-2018-18989",
      "modified": "2023-12-13T01:22:36.523673Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "ics-cert@hq.dhs.gov",
        "ID": "CVE-2018-18989",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "CX-One (CX-Programmer and CX-Server)",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior)"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "In CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior), when processing project files, the application fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "USE AFTER FREE CWE-416"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-338-01",
            "refsource": "MISC",
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-338-01"
          },
          {
            "name": "106106",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/106106"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:omron:cx-server:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "5.0.23",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:omron:cx-programmer:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "9.66",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:omron:cx-one:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.42",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2018-18989"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "In CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior), when processing project files, the application fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-416"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-338-01",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-338-01"
            },
            {
              "name": "106106",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/106106"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2019-10-09T23:37Z",
      "publishedDate": "2018-12-04T22:29Z"
    }
  }
}

var-201812-0477

Vulnerability from variot

In CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior), when processing project files, the application fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-One CX-Programmer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The issue results from the lack of validating the existence of an object prior to performing operations on the object. The Omron CX-One is an integrated toolkit from Omron, Japan (Omron) that includes networking, PT, frequency converters, temperature controllers, and PLC programming software. CX-Programmer is one of the PLC programming software. CX-Server is one of the driver management tools. A memory error reference vulnerability exists in Omron CX-One 4.42 and earlier (CX-Programmer 9.66 and earlier and CX-Server 5.0.23 and earlier). The vulnerability stems from a failure to check if the program is processing a project file. Reference the memory that was released. Omron CX-One is prone to the following security vulnerabilities: 1. Multiple stack-based buffer-overflow vulnerabilities 2

Show details on source website

JSON

To clipboard

{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "cx-one",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "omron",
        "version": "4.42"
      },
      {
        "_id": null,
        "model": "cx-programmer",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "omron",
        "version": "9.66"
      },
      {
        "_id": null,
        "model": "cx-server",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "omron",
        "version": "5.0.23"
      },
      {
        "_id": null,
        "model": "cx-server",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "omron",
        "version": "5.0.23"
      },
      {
        "_id": null,
        "model": "cx-programmer",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "omron",
        "version": "9.66"
      },
      {
        "_id": null,
        "model": "cx-one",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "omron",
        "version": "4.42"
      },
      {
        "_id": null,
        "model": "cx-programmer",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "omron",
        "version": "version 9.66"
      },
      {
        "_id": null,
        "model": "cx-server",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "omron",
        "version": "version 5.0.23"
      },
      {
        "_id": null,
        "model": "cx-one",
        "scope": null,
        "trust": 0.7,
        "vendor": "omron",
        "version": null
      },
      {
        "_id": null,
        "model": "cx-one",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "omron",
        "version": "\u003c=4.42"
      },
      {
        "_id": null,
        "model": "cx-server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "omron",
        "version": "5.0.22"
      },
      {
        "_id": null,
        "model": "cx-programmer",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "omron",
        "version": "9.65"
      },
      {
        "_id": null,
        "model": "cx-server",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "omron",
        "version": "5.0.24"
      },
      {
        "_id": null,
        "model": "cx-programmer",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "omron",
        "version": "9.70"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "cx one",
        "version": "*"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "cx programmer",
        "version": "*"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "cx server",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d806040-463f-11e9-aaa9-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1367"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-25309"
      },
      {
        "db": "BID",
        "id": "106106"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010184"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201812-127"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-18989"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:omron:cx-programmer",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:omron:cx-server",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010184"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Esteban Ruiz (mr_me) of Source Incite",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-1367"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2018-18989",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2018-18989",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.0,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Local",
            "authentication": "None",
            "author": "JPCERT/CC",
            "availabilityImpact": "Complete",
            "baseScore": 6.1,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "JVNDB-2018-010184",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "High",
            "accessVector": "Local",
            "authentication": "None",
            "author": "JPCERT/CC",
            "availabilityImpact": "Complete",
            "baseScore": 5.2,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "JVNDB-2018-010184",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 5.2,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 1.9,
            "id": "CNVD-2018-25309",
            "impactScore": 8.5,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 5.2,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 1.9,
            "id": "7d806040-463f-11e9-aaa9-000c29342cb1",
            "impactScore": 8.5,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-129603",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "id": "CVE-2018-18989",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "JPCERT/CC",
            "availabilityImpact": "High",
            "baseScore": 6.6,
            "baseSeverity": "Medium",
            "confidentialityImpact": "Low",
            "exploitabilityScore": null,
            "id": "JVNDB-2018-010184",
            "impactScore": null,
            "integrityImpact": "Low",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "High",
            "attackVector": "Local",
            "author": "JPCERT/CC",
            "availabilityImpact": "High",
            "baseScore": 5.8,
            "baseSeverity": "Medium",
            "confidentialityImpact": "Low",
            "exploitabilityScore": null,
            "id": "JVNDB-2018-010184",
            "impactScore": null,
            "integrityImpact": "Low",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "ZDI",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "id": "CVE-2018-18989",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 0.7,
            "userInteraction": "REQUIRED",
            "vectorString": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "JPCERT/CC",
            "id": "JVNDB-2018-010184",
            "trust": 1.6,
            "value": "Medium"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-18989",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "ZDI",
            "id": "CVE-2018-18989",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-25309",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201812-127",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "7d806040-463f-11e9-aaa9-000c29342cb1",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-129603",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d806040-463f-11e9-aaa9-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1367"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-25309"
      },
      {
        "db": "VULHUB",
        "id": "VHN-129603"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010184"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010184"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201812-127"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-18989"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "In CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior), when processing project files, the application fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-One CX-Programmer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The issue results from the lack of validating the existence of an object prior to performing operations on the object. The Omron CX-One is an integrated toolkit from Omron, Japan (Omron) that includes networking, PT, frequency converters, temperature controllers, and PLC programming software. CX-Programmer is one of the PLC programming software. CX-Server is one of the driver management tools. A memory error reference vulnerability exists in Omron CX-One 4.42 and earlier (CX-Programmer 9.66 and earlier and CX-Server 5.0.23 and earlier). The vulnerability stems from a failure to check if the program is processing a project file. Reference the memory that was released. Omron CX-One is prone to the following security vulnerabilities:\n1. Multiple stack-based buffer-overflow vulnerabilities\n2",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-18989"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010184"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1367"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-25309"
      },
      {
        "db": "BID",
        "id": "106106"
      },
      {
        "db": "IVD",
        "id": "7d806040-463f-11e9-aaa9-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-129603"
      }
    ],
    "trust": 3.33
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-18989",
        "trust": 4.3
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-338-01",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "106106",
        "trust": 2.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201812-127",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-25309",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU90473043",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010184",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-6608",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1367",
        "trust": 0.7
      },
      {
        "db": "IVD",
        "id": "7D806040-463F-11E9-AAA9-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-129603",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d806040-463f-11e9-aaa9-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1367"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-25309"
      },
      {
        "db": "VULHUB",
        "id": "VHN-129603"
      },
      {
        "db": "BID",
        "id": "106106"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010184"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201812-127"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-18989"
      }
    ]
  },
  "id": "VAR-201812-0477",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "7d806040-463f-11e9-aaa9-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-25309"
      },
      {
        "db": "VULHUB",
        "id": "VHN-129603"
      }
    ],
    "trust": 1.449529875
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d806040-463f-11e9-aaa9-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-25309"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:45:08.232000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "CX-One \u30d0\u30fc\u30b8\u30e7\u30f3\u30a2\u30c3\u30d7 \u30d7\u30ed\u30b0\u30e9\u30e0 \u30c0\u30a6\u30f3\u30ed\u30fc\u30c9",
        "trust": 0.8,
        "url": "https://www.fa.omron.co.jp/product/tool/26/cxone/one1.html"
      },
      {
        "title": "CX-Programmer \u306e\u66f4\u65b0\u5185\u5bb9 | Ver.9.70 : CX-One\u30aa\u30fc\u30c8\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\uff08V4\u5411\u3051_2018\u5e7412\u6708\uff09",
        "trust": 0.8,
        "url": "https://www.fa.omron.co.jp/product/tool/26/cxone/j4_doc.html#cx_programmer"
      },
      {
        "title": "\u5171\u901a\u30e2\u30b8\u30e5\u30fc\u30eb \u306e\u66f4\u65b0\u5185\u5bb9 | - : CX-One\u30aa\u30fc\u30c8\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\uff08V4\u5411\u3051_2018\u5e7412\u6708\uff09",
        "trust": 0.8,
        "url": "https://www.fa.omron.co.jp/product/tool/26/cxone/j4_doc.html#common_module"
      },
      {
        "title": "Omron has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-338-01"
      },
      {
        "title": "Omron CX-One Memory Error Reference Vulnerability Patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/147093"
      },
      {
        "title": "Omron CX-One Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=87423"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-1367"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-25309"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010184"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201812-127"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-416",
        "trust": 1.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-129603"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-18989"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 4.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-338-01"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/106106"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-18993"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-18989"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu90473043/"
      },
      {
        "trust": 0.3,
        "url": "https://industrial.omron.eu/"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-1367"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-25309"
      },
      {
        "db": "VULHUB",
        "id": "VHN-129603"
      },
      {
        "db": "BID",
        "id": "106106"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010184"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201812-127"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-18989"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "7d806040-463f-11e9-aaa9-000c29342cb1",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-1367",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-25309",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-129603",
        "ident": null
      },
      {
        "db": "BID",
        "id": "106106",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010184",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201812-127",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2018-18989",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-12-14T00:00:00",
        "db": "IVD",
        "id": "7d806040-463f-11e9-aaa9-000c29342cb1",
        "ident": null
      },
      {
        "date": "2018-12-10T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-1367",
        "ident": null
      },
      {
        "date": "2018-12-14T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-25309",
        "ident": null
      },
      {
        "date": "2018-12-04T00:00:00",
        "db": "VULHUB",
        "id": "VHN-129603",
        "ident": null
      },
      {
        "date": "2018-12-04T00:00:00",
        "db": "BID",
        "id": "106106",
        "ident": null
      },
      {
        "date": "2018-12-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-010184",
        "ident": null
      },
      {
        "date": "2018-12-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201812-127",
        "ident": null
      },
      {
        "date": "2018-12-04T22:29:00.277000",
        "db": "NVD",
        "id": "CVE-2018-18989",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-12-10T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-1367",
        "ident": null
      },
      {
        "date": "2018-12-14T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-25309",
        "ident": null
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-129603",
        "ident": null
      },
      {
        "date": "2018-12-04T00:00:00",
        "db": "BID",
        "id": "106106",
        "ident": null
      },
      {
        "date": "2018-12-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-010184",
        "ident": null
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201812-127",
        "ident": null
      },
      {
        "date": "2024-11-21T03:56:59.737000",
        "db": "NVD",
        "id": "CVE-2018-18989",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "106106"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201812-127"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "_id": null,
    "data": "Omron CX-One Memory Error Reference Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "7d806040-463f-11e9-aaa9-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-25309"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "_id": null,
    "data": "Resource management error",
    "sources": [
      {
        "db": "IVD",
        "id": "7d806040-463f-11e9-aaa9-000c29342cb1"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201812-127"
      }
    ],
    "trust": 0.8
  }
}

ghsa-6mv5-3jxx-rprv

Vulnerability from github

Published

2022-05-13 01:33

Modified

2022-05-13 01:33

Severity ?

7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-18989"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-12-04T22:29:00Z",
    "severity": "HIGH"
  },
  "details": "In CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior), when processing project files, the application fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.",
  "id": "GHSA-6mv5-3jxx-rprv",
  "modified": "2022-05-13T01:33:40Z",
  "published": "2022-05-13T01:33:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-18989"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-338-01"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/106106"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

fkie_cve-2018-18989

Vulnerability from fkie_nvd

Published

2018-12-04 22:29

Modified

2024-11-21 03:56

Severity ?

7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
ics-cert@hq.dhs.gov	http://www.securityfocus.com/bid/106106	Third Party Advisory, VDB Entry
ics-cert@hq.dhs.gov	https://ics-cert.us-cert.gov/advisories/ICSA-18-338-01	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/106106	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://ics-cert.us-cert.gov/advisories/ICSA-18-338-01	Third Party Advisory, US Government Resource

Impacted products

Vendor	Product	Version
omron	cx-one	*
omron	cx-programmer	*
omron	cx-server	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:omron:cx-one:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C1865E7-6B16-4F3F-9F49-CFA81A09FAF3",
              "versionEndIncluding": "4.42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:omron:cx-programmer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6B67C07-935C-419E-A5AE-ACD3CE63594A",
              "versionEndIncluding": "9.66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:omron:cx-server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "15C3D8DD-E0F1-4DA3-8C07-63920456A26F",
              "versionEndIncluding": "5.0.23",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior), when processing project files, the application fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application."
    },
    {
      "lang": "es",
      "value": "En CX-One, en versiones 4.42 y anteriores (CX-Programmer en versiones 9.66 y anteriores y CX-Server en versiones 5.0.23 y anteriores), al procesar archivos de proyecto, la aplicaci\u00f3n no comprueba si se est\u00e1 referenciando memoria liberada. Un atacante podr\u00eda emplear un archivo de proyecto manipulado para explotar y ejecutar c\u00f3digo con los privilegios de la aplicaci\u00f3n."
    }
  ],
  "id": "CVE-2018-18989",
  "lastModified": "2024-11-21T03:56:59.737",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-12-04T22:29:00.277",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/106106"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-338-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/106106"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-338-01"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "ics-cert@hq.dhs.gov",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2018-18989

Vulnerability from cvelistv5

ICSA-18-338-01

Vulnerability from csaf_cisa

icsa-18-338-01

Vulnerability from csaf_cisa

gsd-2018-18989

Vulnerability from gsd

var-201812-0477

Vulnerability from variot

ghsa-6mv5-3jxx-rprv

Vulnerability from github

fkie_cve-2018-18989

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature