Vulnerabilites related to mirion - wrm2
Vulnerability from fkie_nvd
Published
2017-09-20 16:29
Modified
2025-04-20 01:37
Severity ?
Summary
An Inadequate Encryption Strength issue was discovered in Mirion Technologies DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX and variants (including RSD31-AM Package), DRM-1/2 and variants (including Solar PWR Package), DRM and RDS Based Boundary Monitors, External Transmitters, Telepole II, and MESH Repeater (Telemetry Enabled Devices). Decryption of data is possible at the hardware level.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | http://www.securityfocus.com/bid/100001 | Third Party Advisory, VDB Entry | |
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-17-208-02 | Mitigation, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100001 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-17-208-02 | Mitigation, Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mirion:dmc_3000_transmitter_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F68D607-4774-45A7-A3CC-D93EE51C5169",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mirion:dmc_3000_transmitter:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81D95AAD-66AD-4FCE-A0C2-4C086FF08FEF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mirion:ipam_transmitter_f\\/dmc_2000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28D590D7-E680-4251-8BBB-20E842026F91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mirion:ipam_transmitter_f\\/dmc_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "180D4F01-B15D-4FB7-8808-84E731444C2F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mirion:rds-31_itx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08274BFB-DB85-458D-9FDE-31C3EDCE614B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mirion:rds-31_itx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CB79C5C-5F12-4799-AB24-539270E5F40C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mirion:drm-1\\/2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09D16832-0B56-4278-81F2-346F68AA4CF2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mirion:drm-1\\/2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "568972B1-2B1F-4929-A1D1-B8E1779F3B0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mirion:drm-2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "090843E3-BBEA-42C2-A4A7-00510FB1CD4B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mirion:drm-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83CF0450-2B8D-4FCE-B50C-422B21D21143",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mirion:rds-31_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7F64F40-FBF8-4524-AF53-B6563F4C89DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mirion:rds-31:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDBBE39-6EBD-4880-B3FE-56AB8EB08AEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mirion:telepole_2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A44C2C06-1312-43BD-8768-4824BF6EC55E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mirion:telepole_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CAB081C-73B8-49C2-BE47-56CED7CE4FC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mirion:wrm2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68B7F948-3A2C-4170-B95F-0FE9AAD7EF90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mirion:wrm2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49137D8C-510F-4FCA-8F48-C63EEB1FB7B3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Inadequate Encryption Strength issue was discovered in Mirion Technologies DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX and variants (including RSD31-AM Package), DRM-1/2 and variants (including Solar PWR Package), DRM and RDS Based Boundary Monitors, External Transmitters, Telepole II, and MESH Repeater (Telemetry Enabled Devices). Decryption of data is possible at the hardware level."
},
{
"lang": "es",
"value": "Se ha descubierto un problema de robustez de cifrado inadecuado en Mirion Technologies DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX y variantes (incluyendo RSD31-AM Package), DRM-1/2 y variantes (incluyendo Solar PWR Package), DRM and RDS Based Boundary Monitors, External Transmitters, Telepole II y MESH Repeater (Telemetry Enabled Devices). Es posible el descifrado de datos a nivel de hardware."
}
],
"id": "CVE-2017-9645",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-09-20T16:29:01.003",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100001"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Mitigation",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-208-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-208-02"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-326"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-326"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
var-201709-1106
Vulnerability from variot
An Inadequate Encryption Strength issue was discovered in Mirion Technologies DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX and variants (including RSD31-AM Package), DRM-1/2 and variants (including Solar PWR Package), DRM and RDS Based Boundary Monitors, External Transmitters, Telepole II, and MESH Repeater (Telemetry Enabled Devices). Decryption of data is possible at the hardware level. plural Mirion Technologies The product contains a vulnerability related to cryptographic strength.Information may be obtained. Mirion Technologies provides a source of solutions for nuclear, military, radiation detection and monitoring. Mirion Technologies Telemetry Enabled Devices is a denial of service vulnerability that could be exploited by an attacker to transmit fraudulent data or perform denial of service. Successfully exploiting these issues may allow an attacker to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. RSD31-AM Package), DRM-1/2 and variants (incl. Security vulnerabilities exist in several Mirion Technologies products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201709-1106",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rds-31",
"scope": "eq",
"trust": 1.6,
"vendor": "mirion",
"version": null
},
{
"model": "wrm2",
"scope": "eq",
"trust": 1.6,
"vendor": "mirion",
"version": null
},
{
"model": "drm-2",
"scope": "eq",
"trust": 1.6,
"vendor": "mirion",
"version": null
},
{
"model": "drm-1\\/2",
"scope": "eq",
"trust": 1.6,
"vendor": "mirion",
"version": null
},
{
"model": "rds-31 itx",
"scope": "eq",
"trust": 1.6,
"vendor": "mirion",
"version": null
},
{
"model": "dmc 3000 transmitter",
"scope": "eq",
"trust": 1.6,
"vendor": "mirion",
"version": null
},
{
"model": "ipam transmitter f\\/dmc 2000",
"scope": "eq",
"trust": 1.6,
"vendor": "mirion",
"version": null
},
{
"model": "telepole 2",
"scope": "eq",
"trust": 1.6,
"vendor": "mirion",
"version": null
},
{
"model": "dmc 3000 transmitter module",
"scope": null,
"trust": 0.8,
"vendor": "mirion",
"version": null
},
{
"model": "drm-1/2",
"scope": null,
"trust": 0.8,
"vendor": "mirion",
"version": null
},
{
"model": "ipam transmitter f/dmc 2000",
"scope": null,
"trust": 0.8,
"vendor": "mirion",
"version": null
},
{
"model": "mesh repeater",
"scope": null,
"trust": 0.8,
"vendor": "mirion",
"version": null
},
{
"model": "rds-31 itx",
"scope": null,
"trust": 0.8,
"vendor": "mirion",
"version": null
},
{
"model": "rsd31-am",
"scope": null,
"trust": 0.8,
"vendor": "mirion",
"version": null
},
{
"model": "telepole ii",
"scope": null,
"trust": 0.8,
"vendor": "mirion",
"version": null
},
{
"model": "telemetry enabled devices dmc transmitter module",
"scope": "eq",
"trust": 0.6,
"vendor": "mirion",
"version": "3000"
},
{
"model": "telemetry enabled devices ipam transmitter f/dmc",
"scope": "eq",
"trust": 0.6,
"vendor": "mirion",
"version": "2000"
},
{
"model": "telemetry enabled devices rds-31 itx and variants",
"scope": null,
"trust": 0.6,
"vendor": "mirion",
"version": null
},
{
"model": "telemetry enabled devices drm-1/2 and variants",
"scope": null,
"trust": 0.6,
"vendor": "mirion",
"version": null
},
{
"model": "telemetry enabled devices drm and rds based boundary monitors",
"scope": null,
"trust": 0.6,
"vendor": "mirion",
"version": null
},
{
"model": "telemetry enabled devices telepole ii",
"scope": null,
"trust": 0.6,
"vendor": "mirion",
"version": null
},
{
"model": "telemetry enabled devices external transmitters",
"scope": null,
"trust": 0.6,
"vendor": "mirion",
"version": null
},
{
"model": "telemetry enabled devices mesh repeater",
"scope": null,
"trust": 0.6,
"vendor": "mirion",
"version": null
},
{
"model": "telepole ii",
"scope": "eq",
"trust": 0.3,
"vendor": "mirion",
"version": "0"
},
{
"model": "rds-31 itx",
"scope": "eq",
"trust": 0.3,
"vendor": "mirion",
"version": "0"
},
{
"model": "mesh repeater",
"scope": "eq",
"trust": 0.3,
"vendor": "mirion",
"version": "0"
},
{
"model": "ipam transmitter f/dmc",
"scope": "eq",
"trust": 0.3,
"vendor": "mirion",
"version": "20000"
},
{
"model": "external transmitters",
"scope": "eq",
"trust": 0.3,
"vendor": "mirion",
"version": "0"
},
{
"model": "drm-1/2",
"scope": "eq",
"trust": 0.3,
"vendor": "mirion",
"version": "0"
},
{
"model": "drm and rds based boundary monitors",
"scope": "eq",
"trust": 0.3,
"vendor": "mirion",
"version": "0"
},
{
"model": "dmc transmitter module",
"scope": "eq",
"trust": 0.3,
"vendor": "mirion",
"version": "30000"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "dmc 3000 transmitter",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipam transmitter f dmc 2000",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "rds 31 itx",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "drm 1 2",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "drm 2",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "rds 31",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "telepole 2",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wrm2",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "d3a1f9ff-b730-4b2e-ac28-ccbfc599ff91"
},
{
"db": "CNVD",
"id": "CNVD-2017-22839"
},
{
"db": "BID",
"id": "100001"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008473"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-592"
},
{
"db": "NVD",
"id": "CVE-2017-9645"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:mirion_technologies:dmc_3000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mirion_technologies:drm-1%2F2_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mirion_technologies:ipam_transmitter_f%2Fdmc_2000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mirion_technologies:wrm2_mesh_repeater_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mirion_technologies:rds-31_itx_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mirion_technologies:rsd31-am_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:mirion_technologies:telepole_ii_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008473"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ruben Santamarta of IOActive",
"sources": [
{
"db": "BID",
"id": "100001"
}
],
"trust": 0.3
},
"cve": "CVE-2017-9645",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2017-9645",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.2,
"id": "CNVD-2017-22839",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.2,
"id": "d3a1f9ff-b730-4b2e-ac28-ccbfc599ff91",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:A/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "VHN-117848",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-9645",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-9645",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-9645",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-22839",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201706-592",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "d3a1f9ff-b730-4b2e-ac28-ccbfc599ff91",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-117848",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "d3a1f9ff-b730-4b2e-ac28-ccbfc599ff91"
},
{
"db": "CNVD",
"id": "CNVD-2017-22839"
},
{
"db": "VULHUB",
"id": "VHN-117848"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008473"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-592"
},
{
"db": "NVD",
"id": "CVE-2017-9645"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An Inadequate Encryption Strength issue was discovered in Mirion Technologies DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX and variants (including RSD31-AM Package), DRM-1/2 and variants (including Solar PWR Package), DRM and RDS Based Boundary Monitors, External Transmitters, Telepole II, and MESH Repeater (Telemetry Enabled Devices). Decryption of data is possible at the hardware level. plural Mirion Technologies The product contains a vulnerability related to cryptographic strength.Information may be obtained. Mirion Technologies provides a source of solutions for nuclear, military, radiation detection and monitoring. Mirion Technologies Telemetry Enabled Devices is a denial of service vulnerability that could be exploited by an attacker to transmit fraudulent data or perform denial of service. \nSuccessfully exploiting these issues may allow an attacker to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. RSD31-AM Package),\nDRM-1/2 and variants (incl. Security vulnerabilities exist in several Mirion Technologies products",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-9645"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008473"
},
{
"db": "CNVD",
"id": "CNVD-2017-22839"
},
{
"db": "BID",
"id": "100001"
},
{
"db": "IVD",
"id": "d3a1f9ff-b730-4b2e-ac28-ccbfc599ff91"
},
{
"db": "VULHUB",
"id": "VHN-117848"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-9645",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-208-02",
"trust": 3.4
},
{
"db": "BID",
"id": "100001",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-201706-592",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-22839",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008473",
"trust": 0.8
},
{
"db": "IVD",
"id": "D3A1F9FF-B730-4B2E-AC28-CCBFC599FF91",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-117848",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "d3a1f9ff-b730-4b2e-ac28-ccbfc599ff91"
},
{
"db": "CNVD",
"id": "CNVD-2017-22839"
},
{
"db": "VULHUB",
"id": "VHN-117848"
},
{
"db": "BID",
"id": "100001"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008473"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-592"
},
{
"db": "NVD",
"id": "CVE-2017-9645"
}
]
},
"id": "VAR-201709-1106",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "d3a1f9ff-b730-4b2e-ac28-ccbfc599ff91"
},
{
"db": "CNVD",
"id": "CNVD-2017-22839"
},
{
"db": "VULHUB",
"id": "VHN-117848"
}
],
"trust": 1.9
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "d3a1f9ff-b730-4b2e-ac28-ccbfc599ff91"
},
{
"db": "CNVD",
"id": "CNVD-2017-22839"
}
]
},
"last_update_date": "2024-11-23T22:45:35.612000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.mirion.com/"
},
{
"title": "Patch for Mirion Technologies Telemetry Enabled Devices Denial of Service Vulnerability (CNVD-2017-22839)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/100842"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-22839"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008473"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-326",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-117848"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008473"
},
{
"db": "NVD",
"id": "CVE-2017-9645"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-208-02"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/100001"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9645"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9645"
},
{
"trust": 0.3,
"url": "https://www.mirion.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-22839"
},
{
"db": "VULHUB",
"id": "VHN-117848"
},
{
"db": "BID",
"id": "100001"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008473"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-592"
},
{
"db": "NVD",
"id": "CVE-2017-9645"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "d3a1f9ff-b730-4b2e-ac28-ccbfc599ff91"
},
{
"db": "CNVD",
"id": "CNVD-2017-22839"
},
{
"db": "VULHUB",
"id": "VHN-117848"
},
{
"db": "BID",
"id": "100001"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008473"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-592"
},
{
"db": "NVD",
"id": "CVE-2017-9645"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-25T00:00:00",
"db": "IVD",
"id": "d3a1f9ff-b730-4b2e-ac28-ccbfc599ff91"
},
{
"date": "2017-08-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-22839"
},
{
"date": "2017-09-20T00:00:00",
"db": "VULHUB",
"id": "VHN-117848"
},
{
"date": "2017-07-27T00:00:00",
"db": "BID",
"id": "100001"
},
{
"date": "2017-10-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008473"
},
{
"date": "2017-06-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201706-592"
},
{
"date": "2017-09-20T16:29:01.003000",
"db": "NVD",
"id": "CVE-2017-9645"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-22839"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-117848"
},
{
"date": "2017-07-27T00:00:00",
"db": "BID",
"id": "100001"
},
{
"date": "2017-10-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008473"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201706-592"
},
{
"date": "2024-11-21T03:36:34.633000",
"db": "NVD",
"id": "CVE-2017-9645"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201706-592"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Mirion Technologies Vulnerability related to cryptographic strength in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008473"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201706-592"
}
],
"trust": 0.6
}
}
CVE-2017-9645 (GCVE-0-2017-9645)
Vulnerability from cvelistv5
Published
2017-09-20 16:00
Modified
2024-08-05 17:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
An Inadequate Encryption Strength issue was discovered in Mirion Technologies DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX and variants (including RSD31-AM Package), DRM-1/2 and variants (including Solar PWR Package), DRM and RDS Based Boundary Monitors, External Transmitters, Telepole II, and MESH Repeater (Telemetry Enabled Devices). Decryption of data is possible at the hardware level.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/100001 | vdb-entry, x_refsource_BID | |
| https://ics-cert.us-cert.gov/advisories/ICSA-17-208-02 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Mirion Technologies Telemetry Enabled Devices |
Version: Mirion Technologies Telemetry Enabled Devices |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:18:00.372Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100001",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100001"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-208-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Mirion Technologies Telemetry Enabled Devices",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Mirion Technologies Telemetry Enabled Devices"
}
]
}
],
"datePublic": "2017-09-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An Inadequate Encryption Strength issue was discovered in Mirion Technologies DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX and variants (including RSD31-AM Package), DRM-1/2 and variants (including Solar PWR Package), DRM and RDS Based Boundary Monitors, External Transmitters, Telepole II, and MESH Repeater (Telemetry Enabled Devices). Decryption of data is possible at the hardware level."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-326",
"description": "CWE-326",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-21T09:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "100001",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100001"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-208-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2017-9645",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Mirion Technologies Telemetry Enabled Devices",
"version": {
"version_data": [
{
"version_value": "Mirion Technologies Telemetry Enabled Devices"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Inadequate Encryption Strength issue was discovered in Mirion Technologies DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX and variants (including RSD31-AM Package), DRM-1/2 and variants (including Solar PWR Package), DRM and RDS Based Boundary Monitors, External Transmitters, Telepole II, and MESH Repeater (Telemetry Enabled Devices). Decryption of data is possible at the hardware level."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-326"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100001",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100001"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-208-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-208-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2017-9645",
"datePublished": "2017-09-20T16:00:00",
"dateReserved": "2017-06-14T00:00:00",
"dateUpdated": "2024-08-05T17:18:00.372Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}