cvelistv5 - cve-2018-7527

CVE-2018-7527 (GCVE-0-2018-7527)

Vulnerability from cvelistv5

Published

2018-04-26 20:00

Modified

2024-09-16 23:46

Severity ?

CWE

CWE-121 - Stack-Based Buffer Overflow

Summary

References

URL

var-201804-1655

Vulnerability from variot

A buffer overflow can be triggered in LeviStudio HMI Editor, Version 1.10 part of Wecon LeviStudioU 1.8.29, and PI Studio HMI Project Programmer, Build: November 11, 2017 and prior by opening a specially crafted file. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Wecon LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within DataLogTool.exe. When parsing a string within an INI file, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process. Multiple Wecon Products are prone to a stack-based buffer-overflow vulnerability. Failed exploit attempts will likely cause denial-of-service conditions

Show details on source website

JSON

To clipboard

{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "levistudio hmi editor",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "we con",
        "version": "1.10"
      },
      {
        "_id": null,
        "model": "levistudio",
        "scope": null,
        "trust": 1.4,
        "vendor": "wecon",
        "version": null
      },
      {
        "_id": null,
        "model": "levistudiou",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "wecon",
        "version": "1.8.29"
      },
      {
        "_id": null,
        "model": "levistudiou",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "we con",
        "version": "1.8.29"
      },
      {
        "_id": null,
        "model": "pi studio hmi project programmer",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "we con",
        "version": "2017-11-11"
      },
      {
        "_id": null,
        "model": "levi studio hmi editor",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "wecon",
        "version": "1.10"
      },
      {
        "_id": null,
        "model": "pi studio hmi project programmer",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "wecon",
        "version": "build: november 11"
      },
      {
        "_id": null,
        "model": "pi studio hmi project programmer",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "wecon",
        "version": "2017"
      },
      {
        "_id": null,
        "model": "levistudiou",
        "scope": null,
        "trust": 0.7,
        "vendor": "wecon",
        "version": null
      },
      {
        "_id": null,
        "model": "pi studio hmi project programmer",
        "scope": null,
        "trust": 0.7,
        "vendor": "wecon",
        "version": null
      },
      {
        "_id": null,
        "model": "levistudio hmi editor",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "wecon",
        "version": "\u003c=1.8.29"
      },
      {
        "_id": null,
        "model": "pi studio hmi project programmer \u003c=november",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wecon",
        "version": "112017"
      },
      {
        "_id": null,
        "model": "pi studio hmi project programmer",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "we con",
        "version": "2017-11-11"
      },
      {
        "_id": null,
        "model": "levistudiou",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "we con",
        "version": "1.8.29"
      },
      {
        "_id": null,
        "model": "pi studio hmi project programmer",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "wecon",
        "version": "0"
      },
      {
        "_id": null,
        "model": "levistudio hmi editor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "wecon",
        "version": "1.10"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "levistudio hmi editor",
        "version": "1.10"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "levistudiou",
        "version": "*"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "pi studio hmi programmer",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2edd8e1-39ab-11e9-b1aa-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-406"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-407"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-408"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-409"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-08900"
      },
      {
        "db": "BID",
        "id": "104016"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005009"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-1462"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7527"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:wecon:levi_studio_hmi_editor",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:wecon:levistudiou",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:wecon:pi_studio_hmi_project_programmer",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005009"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Sergey Zelenyuk of RVRT",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-406"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-407"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-408"
      }
    ],
    "trust": 2.1
  },
  "cve": "CVE-2018-7527",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "ZDI",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-7527",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "MEDIUM",
            "trust": 2.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2018-7527",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "CNVD-2018-08900",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "e2edd8e1-39ab-11e9-b1aa-000c29342cb1",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 1.8,
            "id": "CVE-2018-7527",
            "impactScore": 3.4,
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "ZDI",
            "id": "CVE-2018-7527",
            "trust": 2.8,
            "value": "MEDIUM"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-7527",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2018-7527",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-08900",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201804-1462",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "e2edd8e1-39ab-11e9-b1aa-000c29342cb1",
            "trust": 0.2,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2edd8e1-39ab-11e9-b1aa-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-406"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-407"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-408"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-409"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-08900"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005009"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-1462"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7527"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "A buffer overflow can be triggered in LeviStudio HMI Editor, Version 1.10 part of Wecon LeviStudioU 1.8.29, and PI Studio HMI Project Programmer, Build: November 11, 2017 and prior by opening a specially crafted file. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Wecon LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within DataLogTool.exe.  When parsing a string within an INI file, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process. Multiple Wecon Products are prone to a stack-based buffer-overflow vulnerability. Failed exploit attempts will likely cause denial-of-service conditions",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-7527"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005009"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-406"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-407"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-408"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-409"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-08900"
      },
      {
        "db": "BID",
        "id": "104016"
      },
      {
        "db": "IVD",
        "id": "e2edd8e1-39ab-11e9-b1aa-000c29342cb1"
      }
    ],
    "trust": 5.13
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-7527",
        "trust": 6.3
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-116-02",
        "trust": 3.3
      },
      {
        "db": "BID",
        "id": "104016",
        "trust": 2.5
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-08900",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-1462",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005009",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5480",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-406",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5481",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-407",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5482",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-408",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5506",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-409",
        "trust": 0.7
      },
      {
        "db": "IVD",
        "id": "E2EDD8E1-39AB-11E9-B1AA-000C29342CB1",
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2edd8e1-39ab-11e9-b1aa-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-406"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-407"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-408"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-409"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-08900"
      },
      {
        "db": "BID",
        "id": "104016"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005009"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-1462"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7527"
      }
    ]
  },
  "id": "VAR-201804-1655",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e2edd8e1-39ab-11e9-b1aa-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-08900"
      }
    ],
    "trust": 1.3885025
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2edd8e1-39ab-11e9-b1aa-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-08900"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:30:27.366000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Wecon has issued an update to correct this vulnerability.",
        "trust": 2.8,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-116-02"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.we-con.com.cn/en/index.aspx"
      },
      {
        "title": "Patches for multiple WECON product buffer overflow vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/128121"
      },
      {
        "title": "Multiple WECON Product Buffer Error Vulnerability Fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79723"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-406"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-407"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-408"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-409"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-08900"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005009"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-1462"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.8
      },
      {
        "problemtype": "CWE-121",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005009"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7527"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 6.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-116-02"
      },
      {
        "trust": 2.2,
        "url": "http://www.securityfocus.com/bid/104016"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7527"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7527"
      },
      {
        "trust": 0.3,
        "url": "http://www.we-con.com.cn/en/"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-406"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-407"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-408"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-409"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-08900"
      },
      {
        "db": "BID",
        "id": "104016"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005009"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-1462"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7527"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "e2edd8e1-39ab-11e9-b1aa-000c29342cb1",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-406",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-407",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-408",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-409",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-08900",
        "ident": null
      },
      {
        "db": "BID",
        "id": "104016",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005009",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-1462",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7527",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-05-04T00:00:00",
        "db": "IVD",
        "id": "e2edd8e1-39ab-11e9-b1aa-000c29342cb1",
        "ident": null
      },
      {
        "date": "2018-05-04T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-406",
        "ident": null
      },
      {
        "date": "2018-05-04T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-407",
        "ident": null
      },
      {
        "date": "2018-05-04T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-408",
        "ident": null
      },
      {
        "date": "2018-05-04T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-409",
        "ident": null
      },
      {
        "date": "2018-05-04T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-08900",
        "ident": null
      },
      {
        "date": "2018-04-26T00:00:00",
        "db": "BID",
        "id": "104016",
        "ident": null
      },
      {
        "date": "2018-07-03T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-005009",
        "ident": null
      },
      {
        "date": "2018-04-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201804-1462",
        "ident": null
      },
      {
        "date": "2018-04-26T20:29:00.523000",
        "db": "NVD",
        "id": "CVE-2018-7527",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-05-04T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-406",
        "ident": null
      },
      {
        "date": "2018-05-04T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-407",
        "ident": null
      },
      {
        "date": "2018-05-04T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-408",
        "ident": null
      },
      {
        "date": "2018-05-04T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-409",
        "ident": null
      },
      {
        "date": "2018-05-04T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-08900",
        "ident": null
      },
      {
        "date": "2018-04-26T00:00:00",
        "db": "BID",
        "id": "104016",
        "ident": null
      },
      {
        "date": "2018-07-03T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-005009",
        "ident": null
      },
      {
        "date": "2020-07-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201804-1462",
        "ident": null
      },
      {
        "date": "2024-11-21T04:12:18.080000",
        "db": "NVD",
        "id": "CVE-2018-7527",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-1462"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Wecon LeviStudioU of  LeviStudio HMI Editor and  PI Studio HMI Project Programmer Buffer error vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005009"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "_id": null,
    "data": "Buffer error",
    "sources": [
      {
        "db": "IVD",
        "id": "e2edd8e1-39ab-11e9-b1aa-000c29342cb1"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-1462"
      }
    ],
    "trust": 0.8
  }
}

ghsa-4r6c-hgqq-rr35

Vulnerability from github

Published

2022-05-13 01:31

Modified

2022-05-13 01:31

Severity ?

5.3 (Medium) - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-7527"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-04-26T20:29:00Z",
    "severity": "MODERATE"
  },
  "details": "A buffer overflow can be triggered in LeviStudio HMI Editor, Version 1.10 part of Wecon LeviStudioU 1.8.29, and PI Studio HMI Project Programmer, Build: November 11, 2017 and prior by opening a specially crafted file.",
  "id": "GHSA-4r6c-hgqq-rr35",
  "modified": "2022-05-13T01:31:51Z",
  "published": "2022-05-13T01:31:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7527"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-116-02"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/104016"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

icsa-18-116-02

Vulnerability from csaf_cisa

Published

2018-04-26 00:00

Modified

2018-04-26 00:00

Summary

WECON Technology Co., Ltd. LeviStudio HMI Editor and PI Studio HMI Project Programmer

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

Successful exploitation of these vulnerabilities could allow remote code execution.

Critical infrastructure sectors

Critical Manufacturing, Energy, Water and Wastewater Systems

Countries/areas deployed

Worldwide

Company headquarters location

China

Recommended Practices

NCCIC recommends that users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:

Recommended Practices

NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available in the ICS-CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT website.

Exploitability

No known public exploits specifically target these vulnerabilities. These vulnerabilities is not exploitable remotely.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Sergey Zelenyuk"
        ],
        "organization": "RVRT",
        "summary": "reporting these vulnerabilities to NCCIC"
      },
      {
        "names": [
          "Michael DePlante"
        ],
        "organization": "Leahy Center for Digital Investigation at Champlain College",
        "summary": "reporting these vulnerabilities to NCCIC"
      },
      {
        "organization": "Trend Micro \u0027s Zero Day Initiative",
        "summary": "reporting these vulnerabilities to NCCIC"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of these vulnerabilities could allow remote code execution.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Critical Manufacturing, Energy, Water and Wastewater Systems",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "China",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "NCCIC recommends that users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available in the ICS-CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT website.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target these vulnerabilities. These vulnerabilities is not exploitable remotely.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-18-116-02 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2018/icsa-18-116-02.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-18-116-02 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-116-02"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-116-02"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      }
    ],
    "title": "WECON Technology Co., Ltd. LeviStudio HMI Editor and PI Studio HMI Project Programmer",
    "tracking": {
      "current_release_date": "2018-04-26T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-18-116-02",
      "initial_release_date": "2018-04-26T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2018-04-26T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-18-116-02 WECON Technology Co., Ltd. LeviStudio HMI Editor and PI Studio HMI Project Programmer"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=1.8.29",
                "product": {
                  "name": "WECON LeviStudioU: Version 1.10 part of Wecon LeviStudioU 1.8.29 and prior",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "WECON LeviStudioU"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=November 11, 2017",
                "product": {
                  "name": "PI Studio HMI Project Programmer Build: November 11 2017 and prior",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "PI Studio HMI Project Programmer Build"
          }
        ],
        "category": "vendor",
        "name": "WECON"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-7527",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A buffer overflow can be triggered by opening a specially crafted file.CVE-2018-7527 has been assigned to these vulnerabilities. A CVSS v3 base score of 5.9 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "nvd.nist.gov",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7527"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "WECON recommends that users update to the latest version which can be found at the following location (download):",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "http://wecon-disk.oss-ap-southeast-1.aliyuncs.com/LeviStudioU20180420%20TEST.exe"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ]
    }
  ]
}

ICSA-18-116-02

Vulnerability from csaf_cisa

Published

2018-04-26 00:00

Modified

2018-04-26 00:00

Summary

WECON Technology Co., Ltd. LeviStudio HMI Editor and PI Studio HMI Project Programmer

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

Risk evaluation

Successful exploitation of these vulnerabilities could allow remote code execution.

Critical infrastructure sectors

Critical Manufacturing, Energy, Water and Wastewater Systems

Countries/areas deployed

Worldwide

Company headquarters location

China

Recommended Practices

NCCIC recommends that users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:

Recommended Practices

NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.

Recommended Practices

Exploitability

No known public exploits specifically target these vulnerabilities. These vulnerabilities is not exploitable remotely.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Sergey Zelenyuk"
        ],
        "organization": "RVRT",
        "summary": "reporting these vulnerabilities to NCCIC"
      },
      {
        "names": [
          "Michael DePlante"
        ],
        "organization": "Leahy Center for Digital Investigation at Champlain College",
        "summary": "reporting these vulnerabilities to NCCIC"
      },
      {
        "organization": "Trend Micro \u0027s Zero Day Initiative",
        "summary": "reporting these vulnerabilities to NCCIC"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of these vulnerabilities could allow remote code execution.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Critical Manufacturing, Energy, Water and Wastewater Systems",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "China",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "NCCIC recommends that users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available in the ICS-CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT website.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target these vulnerabilities. These vulnerabilities is not exploitable remotely.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-18-116-02 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2018/icsa-18-116-02.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-18-116-02 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-116-02"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-116-02"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      }
    ],
    "title": "WECON Technology Co., Ltd. LeviStudio HMI Editor and PI Studio HMI Project Programmer",
    "tracking": {
      "current_release_date": "2018-04-26T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-18-116-02",
      "initial_release_date": "2018-04-26T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2018-04-26T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-18-116-02 WECON Technology Co., Ltd. LeviStudio HMI Editor and PI Studio HMI Project Programmer"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=1.8.29",
                "product": {
                  "name": "WECON LeviStudioU: Version 1.10 part of Wecon LeviStudioU 1.8.29 and prior",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "WECON LeviStudioU"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=November 11, 2017",
                "product": {
                  "name": "PI Studio HMI Project Programmer Build: November 11 2017 and prior",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "PI Studio HMI Project Programmer Build"
          }
        ],
        "category": "vendor",
        "name": "WECON"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-7527",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A buffer overflow can be triggered by opening a specially crafted file.CVE-2018-7527 has been assigned to these vulnerabilities. A CVSS v3 base score of 5.9 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "nvd.nist.gov",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7527"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "WECON recommends that users update to the latest version which can be found at the following location (download):",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ],
          "url": "http://wecon-disk.oss-ap-southeast-1.aliyuncs.com/LeviStudioU20180420%20TEST.exe"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ]
    }
  ]
}

fkie_cve-2018-7527

Vulnerability from fkie_nvd

Published

2018-04-26 20:29

Modified

2024-11-21 04:12

Severity ?

5.3 (Medium) - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Summary

References

URL	Tags
ics-cert@hq.dhs.gov	http://www.securityfocus.com/bid/104016	Third Party Advisory, VDB Entry
ics-cert@hq.dhs.gov	https://ics-cert.us-cert.gov/advisories/ICSA-18-116-02	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/104016	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://ics-cert.us-cert.gov/advisories/ICSA-18-116-02	Third Party Advisory, US Government Resource

Impacted products

Vendor	Product	Version
we-con	levistudio_hmi_editor	1.10
we-con	levistudiou	*
we-con	pi_studio_hmi_project_programmer	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:we-con:levistudio_hmi_editor:1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9849CD-9BCE-4734-AC49-08151193D35E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:we-con:levistudiou:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "84F1F7EC-637F-4AF1-BA98-49309BA21954",
              "versionEndIncluding": "1.8.29",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:we-con:pi_studio_hmi_project_programmer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DAAD23E-278C-48F7-B67C-DB73196D6229",
              "versionEndIncluding": "2017-11-11",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A buffer overflow can be triggered in LeviStudio HMI Editor, Version 1.10 part of Wecon LeviStudioU 1.8.29, and PI Studio HMI Project Programmer, Build: November 11, 2017 and prior by opening a specially crafted file."
    },
    {
      "lang": "es",
      "value": "Se puede desencadenar un desbordamiento de b\u00fafer en LeviStudio HMI Editor 1.10, parte de Wecon LeviStudioU 1.8.29 y en PI Studio HMI Project Programmer, Build: Noviembre 11, 2017 y anteriores abriendo un archivo especialmente manipulado."
    }
  ],
  "id": "CVE-2018-7527",
  "lastModified": "2024-11-21T04:12:18.080",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-04-26T20:29:00.523",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104016"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-116-02"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104016"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-116-02"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-121"
        }
      ],
      "source": "ics-cert@hq.dhs.gov",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2018-7527

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Aliases

CVE-2018-7527

Aliases

CVE-2018-7527

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-7527",
    "description": "A buffer overflow can be triggered in LeviStudio HMI Editor, Version 1.10 part of Wecon LeviStudioU 1.8.29, and PI Studio HMI Project Programmer, Build: November 11, 2017 and prior by opening a specially crafted file.",
    "id": "GSD-2018-7527"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-7527"
      ],
      "details": "A buffer overflow can be triggered in LeviStudio HMI Editor, Version 1.10 part of Wecon LeviStudioU 1.8.29, and PI Studio HMI Project Programmer, Build: November 11, 2017 and prior by opening a specially crafted file.",
      "id": "GSD-2018-7527",
      "modified": "2023-12-13T01:22:33.099534Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "ics-cert@hq.dhs.gov",
        "DATE_PUBLIC": "2018-04-26T00:00:00",
        "ID": "CVE-2018-7527",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "LeviStudio HMI Editor",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Version 1.10 part of Wecon LeviStudioU 1.8.29 and prior"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "PI Studio HMI Project Programmer",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Build: November 11, 2017 and prior"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "WECON Technology Co., Ltd."
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A buffer overflow can be triggered in LeviStudio HMI Editor, Version 1.10 part of Wecon LeviStudioU 1.8.29, and PI Studio HMI Project Programmer, Build: November 11, 2017 and prior by opening a specially crafted file."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Stack-Based Buffer Overflow CWE-121"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "104016",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/104016"
          },
          {
            "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-116-02",
            "refsource": "MISC",
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-116-02"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:we-con:levistudio_hmi_editor:1.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:we-con:levistudiou:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.8.29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:we-con:pi_studio_hmi_project_programmer:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2017-11-11",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2018-7527"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A buffer overflow can be triggered in LeviStudio HMI Editor, Version 1.10 part of Wecon LeviStudioU 1.8.29, and PI Studio HMI Project Programmer, Build: November 11, 2017 and prior by opening a specially crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-116-02",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-116-02"
            },
            {
              "name": "104016",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/104016"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 3.4
        }
      },
      "lastModifiedDate": "2019-10-09T23:42Z",
      "publishedDate": "2018-04-26T20:29Z"
    }
  }
}

cnvd-2018-08900

Vulnerability from cnvd

Title

多款WECON产品缓冲区溢出漏洞

Description

WECON LeviStudio HMI Editor和PI Studio HMI Project Programmer都是中国维控科技（WECON Technologies）公司的人机界面编程软件。 WECON LeviStudio HMI Editor和PI Studio HMI Project Programmer 2017年11月11日之前版本中存在缓冲区溢出漏洞。远程攻击者可借助特制的文件执行代码。

Severity

中

Patch Name

多款WECON产品缓冲区溢出漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，详情请关注厂商主页： http://www.we-con.com.cn/

Reference

https://ics-cert.us-cert.gov/advisories/ICSA-18-116-02 http://www.securityfocus.com/bid/104016

Impacted products

Name
['WECON LeviStudio HMI Editor <=1.8.29', 'WECON PI Studio HMI Project Programmer <=2017年11月11日']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "104016"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-7527"
    }
  },
  "description": "WECON LeviStudio HMI Editor\u548cPI Studio HMI Project Programmer\u90fd\u662f\u4e2d\u56fd\u7ef4\u63a7\u79d1\u6280\uff08WECON Technologies\uff09\u516c\u53f8\u7684\u4eba\u673a\u754c\u9762\u7f16\u7a0b\u8f6f\u4ef6\u3002\r\n\r\nWECON LeviStudio HMI Editor\u548cPI Studio HMI Project Programmer 2017\u5e7411\u670811\u65e5\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684\u6587\u4ef6\u6267\u884c\u4ee3\u7801\u3002",
  "discovererName": "Sergey Zelenyuk of RVRT and Michael DePlante of Leahy Center for Digital Investigation at Champlain College",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttp://www.we-con.com.cn/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-08900",
  "openTime": "2018-05-04",
  "patchDescription": "WECON LeviStudio HMI Editor\u548cPI Studio HMI Project Programmer\u90fd\u662f\u4e2d\u56fd\u7ef4\u63a7\u79d1\u6280\uff08WECON Technologies\uff09\u516c\u53f8\u7684\u4eba\u673a\u754c\u9762\u7f16\u7a0b\u8f6f\u4ef6\u3002\r\n\r\nWECON LeviStudio HMI Editor\u548cPI Studio HMI Project Programmer 2017\u5e7411\u670811\u65e5\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684\u6587\u4ef6\u6267\u884c\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eWECON\u4ea7\u54c1\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "WECON LeviStudio HMI Editor \u003c=1.8.29",
      "WECON PI Studio HMI Project Programmer \u003c=2017\u5e7411\u670811\u65e5"
    ]
  },
  "referenceLink": "https://ics-cert.us-cert.gov/advisories/ICSA-18-116-02\r\nhttp://www.securityfocus.com/bid/104016",
  "serverity": "\u4e2d",
  "submitTime": "2018-04-28",
  "title": "\u591a\u6b3eWECON\u4ea7\u54c1\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2018-7527 (GCVE-0-2018-7527)

Vulnerability from cvelistv5

var-201804-1655

Vulnerability from variot

ghsa-4r6c-hgqq-rr35

Vulnerability from github

icsa-18-116-02

Vulnerability from csaf_cisa

ICSA-18-116-02

Vulnerability from csaf_cisa

fkie_cve-2018-7527

Vulnerability from fkie_nvd

gsd-2018-7527

Vulnerability from gsd

cnvd-2018-08900

Vulnerability from cnvd

Tags

Sightings

Nomenclature