
    39 vulnerabilities by wecon

    VAR-201809-0087

    Vulnerability from variot - Updated: 2024-07-23 22:41

    WECON LeviStudio versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vulnerabilities that can be exploited when the application processes specially crafted project files. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wecon LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the UserMgr.xml file. When parsing the GroupList ID element, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of Administrator. WECON LeviStudio is a set of human interface programming software from WECON, China.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201809-0087",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "levistudiou",
            "scope": null,
            "trust": 10.5,
            "vendor": "wecon",
            "version": null
          },
          {
            "model": "levistudiou",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "we con",
            "version": "1.8.44"
          },
          {
            "model": "levistudiou",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "we con",
            "version": "1.8.29"
          },
          {
            "model": "levistudiou",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "wecon",
            "version": "1.8.29"
          },
          {
            "model": "levistudiou",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "wecon",
            "version": "1.8.44"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "levistudiou",
            "version": "1.8.29"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "levistudiou",
            "version": "1.8.44"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f727b1-39ab-11e9-8ff0-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-824"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-828"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-805"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-850"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-791"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-822"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-832"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-842"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-784"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-857"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-997"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-794"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-862"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-804"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-852"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-14455"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201808-310"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-10602"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:we-con:levistudiou:1.8.29:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:we-con:levistudiou:1.8.44:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-10602"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Mat Powell of Trend Micro Zero Day Initiative",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-824"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-828"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-805"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-850"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-791"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-822"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-832"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-842"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-784"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-857"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-997"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-862"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-804"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-852"
          }
        ],
        "trust": 9.8
      },
      "cve": "CVE-2018-10602",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": null,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "ZDI",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2018-10602",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "HIGH",
                "trust": 10.5,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2018-14455",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "e2f727b1-39ab-11e9-8ff0-000c29342cb1",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            ],
            "severity": [
              {
                "author": "ZDI",
                "id": "CVE-2018-10602",
                "trust": 10.5,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2018-10602",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-14455",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201808-310",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "e2f727b1-39ab-11e9-8ff0-000c29342cb1",
                "trust": 0.2,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f727b1-39ab-11e9-8ff0-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-824"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-828"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-805"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-850"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-791"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-822"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-832"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-842"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-784"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-857"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-997"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-794"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-862"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-804"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-852"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-14455"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201808-310"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-10602"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vulnerabilities that can be exploited when the application processes specially crafted project files. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wecon LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the UserMgr.xml file. When parsing the GroupList ID element, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of Administrator. WECON LeviStudio is a set of human interface programming software from WECON, China",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-10602"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-824"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-852"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-804"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-862"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-794"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-997"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-857"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-784"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-842"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-832"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-822"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-791"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-850"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-805"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-828"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-14455"
          },
          {
            "db": "IVD",
            "id": "e2f727b1-39ab-11e9-8ff0-000c29342cb1"
          }
        ],
        "trust": 11.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-10602",
            "trust": 12.9
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-212-03",
            "trust": 2.2
          },
          {
            "db": "BID",
            "id": "104935",
            "trust": 1.6
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-14455",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201808-310",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5905",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-824",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5909",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-828",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5870",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-805",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5931",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-850",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5794",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-791",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5903",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-822",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5913",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-832",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5923",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-842",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5787",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-784",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5938",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-857",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-6067",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-997",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5798",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-794",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5945",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-862",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5868",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-804",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5933",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-852",
            "trust": 0.7
          },
          {
            "db": "IVD",
            "id": "E2F727B1-39AB-11E9-8FF0-000C29342CB1",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f727b1-39ab-11e9-8ff0-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-824"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-828"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-805"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-850"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-791"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-822"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-832"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-842"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-784"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-857"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-997"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-794"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-862"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-804"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-852"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-14455"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201808-310"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-10602"
          }
        ]
      },
      "id": "VAR-201809-0087",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2f727b1-39ab-11e9-8ff0-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-14455"
          }
        ],
        "trust": 0.08
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f727b1-39ab-11e9-8ff0-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-14455"
          }
        ]
      },
      "last_update_date": "2024-07-23T22:41:16.554000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Wecon has issued an update to correct this vulnerability.        This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 120 day deadline.03/07/18 - ZDI disclosed the report to ICS-CERT03/12/18 - ICS-CERT assigned ICS\u2011VU\u2011031741 and notified ZDI07/06/18 - ZDI inquired the status of ICS\u2011VU\u201103174107/09/18 - ICS-CERT replied that they would advise the vendor07/19/18 - ZDI advised ICS-CERT of the intended 0-day date: 07/26/2018-- Mitigation:Given the nature of the vulnerability the only salient mitigation strategy is to restrict interaction with the application to trusted files.",
            "trust": 10.5,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-212-03"
          },
          {
            "title": "WECON (wei control) LeviStudioU stack heap buffer overflow vulnerability patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/136079"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-824"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-828"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-805"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-850"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-791"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-822"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-832"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-842"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-784"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-857"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-997"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-794"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-862"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-804"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-852"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-14455"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-10602"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 12.7,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-212-03"
          },
          {
            "trust": 1.6,
            "url": "http://www.securityfocus.com/bid/104935"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-824"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-828"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-805"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-850"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-791"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-822"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-832"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-842"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-784"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-857"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-997"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-794"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-862"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-804"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-852"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-14455"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201808-310"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-10602"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2f727b1-39ab-11e9-8ff0-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-824"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-828"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-805"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-850"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-791"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-822"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-832"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-842"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-784"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-857"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-997"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-794"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-862"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-804"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-852"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-14455"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201808-310"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-10602"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-08-02T00:00:00",
            "db": "IVD",
            "id": "e2f727b1-39ab-11e9-8ff0-000c29342cb1"
          },
          {
            "date": "2018-07-26T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-824"
          },
          {
            "date": "2018-07-26T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-828"
          },
          {
            "date": "2018-07-26T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-805"
          },
          {
            "date": "2018-07-26T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-850"
          },
          {
            "date": "2018-07-26T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-791"
          },
          {
            "date": "2018-07-26T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-822"
          },
          {
            "date": "2018-07-26T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-832"
          },
          {
            "date": "2018-08-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-842"
          },
          {
            "date": "2018-07-26T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-784"
          },
          {
            "date": "2018-07-26T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-857"
          },
          {
            "date": "2018-09-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-997"
          },
          {
            "date": "2018-07-26T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-794"
          },
          {
            "date": "2018-07-26T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-862"
          },
          {
            "date": "2018-07-26T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-804"
          },
          {
            "date": "2018-07-26T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-852"
          },
          {
            "date": "2018-08-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-14455"
          },
          {
            "date": "2018-08-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201808-310"
          },
          {
            "date": "2018-09-26T18:29:00.323000",
            "db": "NVD",
            "id": "CVE-2018-10602"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-08-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-824"
          },
          {
            "date": "2018-08-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-828"
          },
          {
            "date": "2018-08-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-805"
          },
          {
            "date": "2018-08-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-850"
          },
          {
            "date": "2018-08-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-791"
          },
          {
            "date": "2018-08-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-822"
          },
          {
            "date": "2018-08-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-832"
          },
          {
            "date": "2018-08-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-842"
          },
          {
            "date": "2018-08-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-784"
          },
          {
            "date": "2018-08-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-857"
          },
          {
            "date": "2018-09-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-997"
          },
          {
            "date": "2018-08-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-794"
          },
          {
            "date": "2018-08-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-862"
          },
          {
            "date": "2018-08-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-804"
          },
          {
            "date": "2018-08-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-852"
          },
          {
            "date": "2018-08-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-14455"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201808-310"
          },
          {
            "date": "2020-08-28T13:57:20.203000",
            "db": "NVD",
            "id": "CVE-2018-10602"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201808-310"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "(0Day) Wecon LeviStudioU usermanage GroupList ID Stack-based Buffer Overflow Remote Code Execution Vulnerability",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-824"
          }
        ],
        "trust": 0.7
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer error",
        "sources": [
          {
            "db": "IVD",
            "id": "e2f727b1-39ab-11e9-8ff0-000c29342cb1"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201808-310"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201801-0157

    Vulnerability from variot - Updated: 2023-12-18 13:14

    An issue was discovered in WECON Technology LEVI Studio HMI Editor v1.8.29 and prior. Specially crafted malicious files may be able to cause stack-based buffer overflow vulnerabilities, which may allow remote code execution. WECON Technology LEVI Studio HMI Editor contains a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WECON LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the handling of LeviStudioU Project files. When an overly long MulStatus szFilename XML attribute is provided, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process. LeviStudio HMI Editor is a human-machine interface (HMI) editor from Wecon Technologies of China. Failed exploit attempts will likely cause denial-of-service conditions. The sources aggregated in this record do not agree on the attack vector: the NVD CVSS v3 vector is AV:L with UI:R, while the NVD CVSS v2 vector is AV:N, so "remote" here describes delivery of the malicious file to a user who then opens it, not an unauthenticated network service.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201801-0157",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "levistudiou",
            "scope": null,
            "trust": 2.1,
            "vendor": "wecon",
            "version": null
          },
          {
            "model": "levistudio hmi editor",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "we con",
            "version": "1.8.29"
          },
          {
            "model": "levi studio hmi editor",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "wecon",
            "version": "1.8.29"
          },
          {
            "model": "levi studio hmi editor",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "wecon",
            "version": "\u003c=1.8.29"
          },
          {
            "model": "levistudio hmi editor",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "we con",
            "version": "1.8.29"
          },
          {
            "model": "levi studio hmi editor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wecon",
            "version": "1.8.29"
          },
          {
            "model": "levi studio hmi editor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wecon",
            "version": "1.8.2"
          },
          {
            "model": "levi studio hmi editor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wecon",
            "version": "1.8.1"
          },
          {
            "model": "levi studio hmi editor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wecon",
            "version": "1.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "levistudio hmi editor",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e12eae-39ab-11e9-87c7-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-125"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-128"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-127"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00908"
          },
          {
            "db": "BID",
            "id": "102493"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012041"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16739"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-528"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:we-con:levistudio_hmi_editor_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.8.29",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:we-con:levistudio_hmi_editor:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-16739"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Brian Gorenc - Trend Micro Zero Day Initiative",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-125"
          }
        ],
        "trust": 0.7
      },
      "cve": "CVE-2017-16739",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": null,
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "ZDI",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-16739",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "MEDIUM",
                "trust": 2.1,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 6.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2017-16739",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2018-00908",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "e2e12eae-39ab-11e9-87c7-000c29342cb1",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "VHN-107691",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2017-16739",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "ZDI",
                "id": "CVE-2017-16739",
                "trust": 2.1,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-16739",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-00908",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201801-528",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "e2e12eae-39ab-11e9-87c7-000c29342cb1",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-107691",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e12eae-39ab-11e9-87c7-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-125"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-128"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-127"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00908"
          },
          {
            "db": "VULHUB",
            "id": "VHN-107691"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012041"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16739"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-528"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An issue was discovered in WECON Technology LEVI Studio HMI Editor v1.8.29 and prior. Specially crafted malicious files may be able to cause stack-based buffer overflow vulnerabilities, which may allow remote code execution. WECON Technology LEVI Studio HMI Editor contains a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WECON LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the handling of LeviStudioU Project files. When an overly long MulStatus szFilename XML attribute is provided, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process. LeviStudio HMI Editor is a human-machine interface (HMI) editor from Wecon Technologies of China. Failed exploit attempts will likely cause denial-of-service conditions.",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-16739"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012041"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-125"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-128"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-127"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00908"
          },
          {
            "db": "BID",
            "id": "102493"
          },
          {
            "db": "IVD",
            "id": "e2e12eae-39ab-11e9-87c7-000c29342cb1"
          },
          {
            "db": "VULHUB",
            "id": "VHN-107691"
          }
        ],
        "trust": 4.59
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-16739",
            "trust": 5.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-011-01",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "102493",
            "trust": 2.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-528",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00908",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012041",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5217",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-125",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5311",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-128",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5230",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-127",
            "trust": 0.7
          },
          {
            "db": "IVD",
            "id": "E2E12EAE-39AB-11E9-87C7-000C29342CB1",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-107691",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e12eae-39ab-11e9-87c7-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-125"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-128"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-127"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00908"
          },
          {
            "db": "VULHUB",
            "id": "VHN-107691"
          },
          {
            "db": "BID",
            "id": "102493"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012041"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16739"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-528"
          }
        ]
      },
      "id": "VAR-201801-0157",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2e12eae-39ab-11e9-87c7-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00908"
          },
          {
            "db": "VULHUB",
            "id": "VHN-107691"
          }
        ],
        "trust": 1.49703945
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e12eae-39ab-11e9-87c7-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00908"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:14:03.822000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Wecon has issued an update to correct this vulnerability.",
            "trust": 2.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-011-01"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.we-con.com.cn/en/"
          },
          {
            "title": "Patch for Wecon Technologies LeviStudio HMI Editor Stack Buffer Overflow Vulnerability (CNVD-2018-00908)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/113411"
          },
          {
            "title": "WECON Technology LEVI Studio HMI Editor Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=77749"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-125"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-128"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-127"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00908"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012041"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-528"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-107691"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012041"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16739"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 5.5,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-011-01"
          },
          {
            "trust": 2.3,
            "url": "http://www.securityfocus.com/bid/102493"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-16739"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-16739"
          },
          {
            "trust": 0.3,
            "url": "http://www.we-con.com.cn/en/"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-125"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-128"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-127"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00908"
          },
          {
            "db": "VULHUB",
            "id": "VHN-107691"
          },
          {
            "db": "BID",
            "id": "102493"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012041"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16739"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-528"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2e12eae-39ab-11e9-87c7-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-125"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-128"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-127"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00908"
          },
          {
            "db": "VULHUB",
            "id": "VHN-107691"
          },
          {
            "db": "BID",
            "id": "102493"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012041"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16739"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-528"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-01-15T00:00:00",
            "db": "IVD",
            "id": "e2e12eae-39ab-11e9-87c7-000c29342cb1"
          },
          {
            "date": "2018-01-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-125"
          },
          {
            "date": "2018-01-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-128"
          },
          {
            "date": "2018-01-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-127"
          },
          {
            "date": "2018-01-15T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-00908"
          },
          {
            "date": "2018-01-12T00:00:00",
            "db": "VULHUB",
            "id": "VHN-107691"
          },
          {
            "date": "2018-01-11T00:00:00",
            "db": "BID",
            "id": "102493"
          },
          {
            "date": "2018-02-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-012041"
          },
          {
            "date": "2018-01-12T20:29:00.307000",
            "db": "NVD",
            "id": "CVE-2017-16739"
          },
          {
            "date": "2018-01-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201801-528"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-01-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-125"
          },
          {
            "date": "2018-01-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-128"
          },
          {
            "date": "2018-01-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-127"
          },
          {
            "date": "2018-01-15T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-00908"
          },
          {
            "date": "2019-10-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-107691"
          },
          {
            "date": "2018-01-11T00:00:00",
            "db": "BID",
            "id": "102493"
          },
          {
            "date": "2018-02-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-012041"
          },
          {
            "date": "2019-10-09T23:25:15.927000",
            "db": "NVD",
            "id": "CVE-2017-16739"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201801-528"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-528"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WECON Technology LEVI Studio HMI Editor Buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012041"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-528"
          }
        ],
        "trust": 1.4
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer error",
        "sources": [
          {
            "db": "IVD",
            "id": "e2e12eae-39ab-11e9-87c7-000c29342cb1"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-528"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201710-0796

    Vulnerability from variot - Updated: 2023-12-18 13:14

    A stack-based buffer overflow issue was discovered in WECON LEVI Studio HMI Editor v1.8.1 and prior. Multiple stack-based buffer overflow vulnerabilities have been identified in which the application does not verify string size before copying to memory; the attacker may then be able to crash the application or run arbitrary code. WECON LEVI Studio HMI Editor contains a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). LeviStudio HMI Editor is a human-machine interface editor from Wecon Technologies of China. Failed exploit attempts will likely cause denial-of-service conditions.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201710-0796",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "levi studio hmi editor",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "we con",
            "version": "1.8.1"
          },
          {
            "model": "levi studio hmi editor",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "wecon",
            "version": "1.8.1"
          },
          {
            "model": "levi studio hmi editor",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "wecon",
            "version": "1.8.1"
          },
          {
            "model": "levi studio hmi editor",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "we con",
            "version": "1.8.1"
          },
          {
            "model": "levi studio hmi editor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wecon",
            "version": "1.8.1"
          },
          {
            "model": "levi studio hmi editor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wecon",
            "version": "1.8"
          },
          {
            "model": "levi studio hmi editor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "wecon",
            "version": "1.8.2"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "levi studio hmi editor",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "67cb8d5c-fecb-4c73-8f18-d7b9d23325e8"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-29975"
          },
          {
            "db": "BID",
            "id": "101250"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009524"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13999"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-584"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:we-con:levi_studio_hmi_editor:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.8.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-13999"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Andrea (rgod) Micalizzi, working with iDefense Labs.",
        "sources": [
          {
            "db": "BID",
            "id": "101250"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2017-13999",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 7.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2017-13999",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2017-29975",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "67cb8d5c-fecb-4c73-8f18-d7b9d23325e8",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2017-13999",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2017-13999",
                "trust": 1.8,
                "value": "CRITICAL"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-29975",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201710-584",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "67cb8d5c-fecb-4c73-8f18-d7b9d23325e8",
                "trust": 0.2,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "67cb8d5c-fecb-4c73-8f18-d7b9d23325e8"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-29975"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009524"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13999"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-584"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A stack-based buffer overflow issue was discovered in WECON LEVI Studio HMI Editor v1.8.1 and prior. Multiple stack-based buffer overflow vulnerabilities have been identified in which the application does not verify string size before copying to memory; the attacker may then be able to crash the application or run arbitrary code. WECON LEVI Studio HMI Editor contains a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). LeviStudio HMI Editor is a human-machine interface editor from Wecon Technologies of China. Failed exploit attempts will likely cause denial-of-service conditions.",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-13999"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009524"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-29975"
          },
          {
            "db": "BID",
            "id": "101250"
          },
          {
            "db": "IVD",
            "id": "67cb8d5c-fecb-4c73-8f18-d7b9d23325e8"
          }
        ],
        "trust": 2.61
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-13999",
            "trust": 3.5
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-285-02",
            "trust": 3.3
          },
          {
            "db": "BID",
            "id": "101250",
            "trust": 1.3
          },
          {
            "db": "BID",
            "id": "102493",
            "trust": 1.0
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-29975",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-584",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009524",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "67CB8D5C-FECB-4C73-8F18-D7B9D23325E8",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "67cb8d5c-fecb-4c73-8f18-d7b9d23325e8"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-29975"
          },
          {
            "db": "BID",
            "id": "101250"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009524"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13999"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-584"
          }
        ]
      },
      "id": "VAR-201710-0796",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "67cb8d5c-fecb-4c73-8f18-d7b9d23325e8"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-29975"
          }
        ],
        "trust": 1.4315789
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "67cb8d5c-fecb-4c73-8f18-d7b9d23325e8"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-29975"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:14:00.589000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.we-con.com.cn/en/"
          },
          {
            "title": "WECON Technology LeviStudio HMI Editor Stack Buffer Overflow Vulnerability Patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/103556"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-29975"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009524"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009524"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13999"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.0,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-285-02"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/bid/101250"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/bid/102493"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13999"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-13999"
          },
          {
            "trust": 0.3,
            "url": "http://www.we-con.com.cn/en/"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-285-02 icsa-17-285-02"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-29975"
          },
          {
            "db": "BID",
            "id": "101250"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009524"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13999"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-584"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "67cb8d5c-fecb-4c73-8f18-d7b9d23325e8"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-29975"
          },
          {
            "db": "BID",
            "id": "101250"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009524"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-13999"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-584"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-10-13T00:00:00",
            "db": "IVD",
            "id": "67cb8d5c-fecb-4c73-8f18-d7b9d23325e8"
          },
          {
            "date": "2017-10-13T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-29975"
          },
          {
            "date": "2017-10-12T00:00:00",
            "db": "BID",
            "id": "101250"
          },
          {
            "date": "2017-11-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009524"
          },
          {
            "date": "2017-10-17T22:29:00.213000",
            "db": "NVD",
            "id": "CVE-2017-13999"
          },
          {
            "date": "2017-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-584"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-10-13T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-29975"
          },
          {
            "date": "2017-10-12T00:00:00",
            "db": "BID",
            "id": "101250"
          },
          {
            "date": "2017-11-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009524"
          },
          {
            "date": "2018-01-13T02:29:12.707000",
            "db": "NVD",
            "id": "CVE-2017-13999"
          },
          {
            "date": "2017-11-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-584"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-584"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WECON LEVI Studio HMI Editor Buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009524"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-584"
          }
        ],
        "trust": 1.4
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow",
        "sources": [
          {
            "db": "IVD",
            "id": "67cb8d5c-fecb-4c73-8f18-d7b9d23325e8"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-584"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201801-0156

    Vulnerability from variot - Updated: 2023-12-18 13:14

    An issue was discovered in WECON Technology LEVI Studio HMI Editor v1.8.29 and prior. A specially crafted malicious file may be able to cause a heap-based buffer overflow when opened by a user. WECON Technology LEVI Studio HMI Editor contains a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WECON LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the handling of LeviStudioU Project files. When an overly long General FigureFile XML attribute is provided, the process does not properly validate the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process. LeviStudio HMI Editor is a human-machine interface (HMI) editor from Wecon Technologies of China. Failed exploit attempts will likely cause denial-of-service conditions.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201801-0156",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "levistudio hmi editor",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "we con",
            "version": "1.8.29"
          },
          {
            "model": "levi studio hmi editor",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "wecon",
            "version": "1.8.29"
          },
          {
            "model": "levistudiou",
            "scope": null,
            "trust": 0.7,
            "vendor": "wecon",
            "version": null
          },
          {
            "model": "levi studio hmi editor",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "wecon",
            "version": "\u003c=1.8.29"
          },
          {
            "model": "levistudio hmi editor",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "we con",
            "version": "1.8.29"
          },
          {
            "model": "levi studio hmi editor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wecon",
            "version": "1.8.29"
          },
          {
            "model": "levi studio hmi editor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wecon",
            "version": "1.8.2"
          },
          {
            "model": "levi studio hmi editor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wecon",
            "version": "1.8.1"
          },
          {
            "model": "levi studio hmi editor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wecon",
            "version": "1.8"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "levistudio hmi editor",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e155c1-39ab-11e9-beb3-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-126"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00907"
          },
          {
            "db": "BID",
            "id": "102493"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012040"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16737"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-529"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:we-con:levistudio_hmi_editor_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "1.8.29",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:we-con:levistudio_hmi_editor:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-16737"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HanM0u of CloverSec Labs",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-126"
          }
        ],
        "trust": 0.7
      },
      "cve": "CVE-2017-16737",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 6.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2017-16737",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "ZDI",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-16737",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "MEDIUM",
                "trust": 0.7,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2018-00907",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "e2e155c1-39ab-11e9-beb3-000c29342cb1",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "VHN-107689",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2017-16737",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2017-16737",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "ZDI",
                "id": "CVE-2017-16737",
                "trust": 0.7,
                "value": "MEDIUM"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-00907",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201801-529",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "e2e155c1-39ab-11e9-beb3-000c29342cb1",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-107689",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e155c1-39ab-11e9-beb3-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-126"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00907"
          },
          {
            "db": "VULHUB",
            "id": "VHN-107689"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012040"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16737"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-529"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An issue was discovered in WECON Technology LEVI Studio HMI Editor v1.8.29 and prior. A specially crafted malicious file may be able to cause a heap-based buffer overflow when opened by a user. WECON Technology LEVI Studio HMI Editor contains a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WECON LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the handling of LeviStudioU Project files. When an overly long General FigureFile XML attribute is provided, the process does not properly validate the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process. LeviStudio HMI Editor is a human-machine interface (HMI) editor from Wecon Technologies of China. Failed exploit attempts will likely cause denial-of-service conditions.",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-16737"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012040"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-126"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00907"
          },
          {
            "db": "BID",
            "id": "102493"
          },
          {
            "db": "IVD",
            "id": "e2e155c1-39ab-11e9-beb3-000c29342cb1"
          },
          {
            "db": "VULHUB",
            "id": "VHN-107689"
          }
        ],
        "trust": 3.33
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-16737",
            "trust": 4.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-011-01",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "102493",
            "trust": 2.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-529",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00907",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012040",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5229",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-126",
            "trust": 0.7
          },
          {
            "db": "IVD",
            "id": "E2E155C1-39AB-11E9-BEB3-000C29342CB1",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-107689",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e155c1-39ab-11e9-beb3-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-126"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00907"
          },
          {
            "db": "VULHUB",
            "id": "VHN-107689"
          },
          {
            "db": "BID",
            "id": "102493"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012040"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16737"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-529"
          }
        ]
      },
      "id": "VAR-201801-0156",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2e155c1-39ab-11e9-beb3-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00907"
          },
          {
            "db": "VULHUB",
            "id": "VHN-107689"
          }
        ],
        "trust": 1.49703945
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e155c1-39ab-11e9-beb3-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00907"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:14:00.548000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.we-con.com.cn/en/"
          },
          {
            "title": "Wecon has issued an update to correct this vulnerability.",
            "trust": 0.7,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-011-01"
          },
          {
            "title": "Wecon Technologies LeviStudio HMI Editor heap buffer overflow vulnerability patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/113413"
          },
          {
            "title": "WECON Technology LEVI Studio HMI Editor Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=77750"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-126"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00907"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012040"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-529"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-107689"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012040"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16737"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 4.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-011-01"
          },
          {
            "trust": 2.3,
            "url": "http://www.securityfocus.com/bid/102493"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-16737"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-16737"
          },
          {
            "trust": 0.3,
            "url": "http://www.we-con.com.cn/en/"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-126"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00907"
          },
          {
            "db": "VULHUB",
            "id": "VHN-107689"
          },
          {
            "db": "BID",
            "id": "102493"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012040"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16737"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-529"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2e155c1-39ab-11e9-beb3-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-126"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00907"
          },
          {
            "db": "VULHUB",
            "id": "VHN-107689"
          },
          {
            "db": "BID",
            "id": "102493"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012040"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16737"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-529"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-01-15T00:00:00",
            "db": "IVD",
            "id": "e2e155c1-39ab-11e9-beb3-000c29342cb1"
          },
          {
            "date": "2018-01-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-126"
          },
          {
            "date": "2018-01-15T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-00907"
          },
          {
            "date": "2018-01-12T00:00:00",
            "db": "VULHUB",
            "id": "VHN-107689"
          },
          {
            "date": "2018-01-11T00:00:00",
            "db": "BID",
            "id": "102493"
          },
          {
            "date": "2018-02-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-012040"
          },
          {
            "date": "2018-01-12T20:29:00.260000",
            "db": "NVD",
            "id": "CVE-2017-16737"
          },
          {
            "date": "2018-01-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201801-529"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-01-18T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-126"
          },
          {
            "date": "2018-01-15T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-00907"
          },
          {
            "date": "2019-10-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-107689"
          },
          {
            "date": "2018-01-11T00:00:00",
            "db": "BID",
            "id": "102493"
          },
          {
            "date": "2018-02-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-012040"
          },
          {
            "date": "2019-10-09T23:25:15.783000",
            "db": "NVD",
            "id": "CVE-2017-16737"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201801-529"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-529"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WECON Technology LEVI Studio HMI Editor Buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-012040"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-529"
          }
        ],
        "trust": 1.4
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer error",
        "sources": [
          {
            "db": "IVD",
            "id": "e2e155c1-39ab-11e9-beb3-000c29342cb1"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-529"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201810-0394

    Vulnerability from variot - Updated: 2023-12-18 13:08

    WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior parse files and pass unvalidated user data to an unsafe method call, which may allow code to be executed in the context of an administrator. PI Studio HMI and PI Studio contain an out-of-bounds vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wecon PIStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of hsc files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code under the context of an administrator. Wecon PIStudio is HMI software. Wecon PI Studio HMI and PI Studio are human interface programming software from Wecon Technologies. A buffer overflow vulnerability exists in Wecon PI Studio HMI 4.1.9 and earlier and PI Studio 4.2.34 and earlier. WECON PIStudio is prone to a remote code-execution vulnerability. Failed exploit attempts will likely cause denial-of-service conditions.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201810-0394",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "pistudio",
            "scope": null,
            "trust": 3.4,
            "vendor": "wecon",
            "version": null
          },
          {
            "model": "pi studio hmi",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "we con",
            "version": "4.1.9"
          },
          {
            "model": "pi studio",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "we con",
            "version": "4.2.34"
          },
          {
            "model": "pi studio",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "wecon",
            "version": "4.2.34"
          },
          {
            "model": "pi studio hmi",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "wecon",
            "version": "4.1.9"
          },
          {
            "model": "pi studio hmi",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "wecon",
            "version": "\u003c=4.1.9"
          },
          {
            "model": "pi studio",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "wecon",
            "version": "\u003c=4.2.34"
          },
          {
            "model": "pi studio hmi",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "we con",
            "version": "4.1.9"
          },
          {
            "model": "pi studio",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "we con",
            "version": "4.2.34"
          },
          {
            "model": "pi studio",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wecon",
            "version": "0"
          },
          {
            "model": "pi studio hmi project programmer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wecon",
            "version": "4.1.9"
          },
          {
            "model": "pi studio",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wecon",
            "version": "4.2.34"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "pi studio",
            "version": "*"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "pi studio hmi",
            "version": "*"
          },
          {
            "model": "pistudio",
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wecon",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2fdde6e-39ab-11e9-ab9a-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "bc269758-613b-47a7-ba82-c07f15095edc"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-1032"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-450"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-449"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1107"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-42805"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21173"
          },
          {
            "db": "BID",
            "id": "108503"
          },
          {
            "db": "BID",
            "id": "105710"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010754"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-14810"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-243"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:we-con:pi_studio:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "4.2.34",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:we-con:pi_studio_hmi:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "4.1.9",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-14810"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Mat Powell of Trend Micro Zero Day Initiative",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-19-1032"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-450"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-449"
          }
        ],
        "trust": 2.1
      },
      "cve": "CVE-2018-14810",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.3,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2018-14810",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "ZDI",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2018-14810",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "HIGH",
                "trust": 0.7,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2019-42805",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2018-21173",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "e2fdde6e-39ab-11e9-ab9a-000c29342cb1",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "bc269758-613b-47a7-ba82-c07f15095edc",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "ZDI",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2018-14810",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.4,
                "userInteraction": "REQUIRED",
                "vectorString": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2018-14810",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "ZDI",
                "availabilityImpact": "HIGH",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.5,
                "id": "CVE-2018-14810",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 0.7,
                "userInteraction": "NONE",
                "vectorString": "AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "ZDI",
                "id": "CVE-2018-14810",
                "trust": 2.8,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2018-14810",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-42805",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-21173",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201810-243",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "e2fdde6e-39ab-11e9-ab9a-000c29342cb1",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "bc269758-613b-47a7-ba82-c07f15095edc",
                "trust": 0.2,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2fdde6e-39ab-11e9-ab9a-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "bc269758-613b-47a7-ba82-c07f15095edc"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-1032"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-450"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-449"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1107"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-42805"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21173"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010754"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-14810"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-243"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior parse files and pass invalidated user data to an unsafe method call, which may allow code to be executed in the context of an administrator. PI Studio HMI and PI Studio Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wecon PIStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of hsc files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code under the context of an administrator. Wecon PIStudio is an HMI software. Wecon PI Studio HMI and PI Studio are human interface programming software from Wecon Technologies. A buffer overflow vulnerability exists in Wecon PI Studio HMI 4.1.9 and earlier and PI Studio 4.2.34 and earlier. WECON PIStudio is prone to a remote code-execution vulnerability. Failed exploit attempts will likely cause denial-of-service conditions",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-14810"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010754"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-1032"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-450"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-449"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1107"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-42805"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21173"
          },
          {
            "db": "BID",
            "id": "108503"
          },
          {
            "db": "BID",
            "id": "105710"
          },
          {
            "db": "IVD",
            "id": "e2fdde6e-39ab-11e9-ab9a-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "bc269758-613b-47a7-ba82-c07f15095edc"
          }
        ],
        "trust": 6.12
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-14810",
            "trust": 6.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-277-01",
            "trust": 3.3
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-450",
            "trust": 1.6
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-449",
            "trust": 1.0
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21173",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-243",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-42805",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010754",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-8927",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-1032",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-7641",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-7635",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-6244",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1107",
            "trust": 0.7
          },
          {
            "db": "BID",
            "id": "108503",
            "trust": 0.3
          },
          {
            "db": "BID",
            "id": "105710",
            "trust": 0.3
          },
          {
            "db": "IVD",
            "id": "E2FDDE6E-39AB-11E9-AB9A-000C29342CB1",
            "trust": 0.2
          },
          {
            "db": "IVD",
            "id": "BC269758-613B-47A7-BA82-C07F15095EDC",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2fdde6e-39ab-11e9-ab9a-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "bc269758-613b-47a7-ba82-c07f15095edc"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-1032"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-450"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-449"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1107"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-42805"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21173"
          },
          {
            "db": "BID",
            "id": "108503"
          },
          {
            "db": "BID",
            "id": "105710"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010754"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-14810"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-243"
          }
        ]
      },
      "id": "VAR-201810-0394",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2fdde6e-39ab-11e9-ab9a-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "bc269758-613b-47a7-ba82-c07f15095edc"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-42805"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21173"
          }
        ],
        "trust": 2.20006225
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 1.6
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2fdde6e-39ab-11e9-ab9a-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "bc269758-613b-47a7-ba82-c07f15095edc"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-42805"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21173"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:08:16.996000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "This vulnerability is being disclosed publicly without a patch in accordance with ZDI policies. 06/26/2019 - ZDI provided the vulnerability report to ICS-CERT; 07/02/2019 - ICS-CERT acknowledged the report and provided an ICS VU#; 11/19/2019 - ZDI requested any available update; 11/29/2019 - ZDI requested any available update; 12/05/2019 - ZDI requested any available update; 12/18/2019 - ZDI advised ICS-CERT of the intention to publish the report as 0-day on Dec 30; 12/02/2021 - The vendor published an update. Mitigation: Given the nature of the vulnerability the only salient mitigation strategy is to restrict interaction with the application.",
            "trust": 2.1,
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-18-277-01--"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.we-con.com.cn/en/index.aspx"
          },
          {
            "title": "Wecon has issued an update to correct this vulnerability. This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 120 day deadline. 05/18/18 - ZDI sent the report to ICS-CERT; 05/22/18 - ICS-CERT acknowledged, confirmed the report was sent to the vendor and sent an ICS-VU #; 09/17/18 - ZDI asked ICS-CERT to confirm the report remains unpatched and to advise the vendor of the intent to publish the report as 0-day on 10/02/18. Mitigation: Given the nature of the vulnerability the only salient mitigation strategy is to restrict interaction with the application to trusted files.",
            "trust": 0.7,
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-18-277-01"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-19-1032"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-450"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-449"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1107"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010754"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010754"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-14810"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-277-01"
          },
          {
            "trust": 2.1,
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-18-277-01--"
          },
          {
            "trust": 0.9,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-450/"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-14810"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-14810"
          },
          {
            "trust": 0.7,
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-18-277-01"
          },
          {
            "trust": 0.3,
            "url": "http://www.we-con.com.cn/en"
          },
          {
            "trust": 0.3,
            "url": "http://www.we-con.com.cn/en/download_45.html"
          },
          {
            "trust": 0.3,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-449/"
          },
          {
            "trust": 0.3,
            "url": "http://www.we-con.com.cn/en/"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-19-1032"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-450"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-449"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1107"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-42805"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21173"
          },
          {
            "db": "BID",
            "id": "108503"
          },
          {
            "db": "BID",
            "id": "105710"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010754"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-14810"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-243"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2fdde6e-39ab-11e9-ab9a-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "bc269758-613b-47a7-ba82-c07f15095edc"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-1032"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-450"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-449"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1107"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-42805"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21173"
          },
          {
            "db": "BID",
            "id": "108503"
          },
          {
            "db": "BID",
            "id": "105710"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010754"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-14810"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-243"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-10-18T00:00:00",
            "db": "IVD",
            "id": "e2fdde6e-39ab-11e9-ab9a-000c29342cb1"
          },
          {
            "date": "2019-11-29T00:00:00",
            "db": "IVD",
            "id": "bc269758-613b-47a7-ba82-c07f15095edc"
          },
          {
            "date": "2019-12-30T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-1032"
          },
          {
            "date": "2019-05-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-450"
          },
          {
            "date": "2019-05-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-449"
          },
          {
            "date": "2018-10-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1107"
          },
          {
            "date": "2019-11-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-42805"
          },
          {
            "date": "2018-10-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-21173"
          },
          {
            "date": "2019-05-02T00:00:00",
            "db": "BID",
            "id": "108503"
          },
          {
            "date": "2018-10-04T00:00:00",
            "db": "BID",
            "id": "105710"
          },
          {
            "date": "2018-12-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-010754"
          },
          {
            "date": "2018-10-08T12:29:00.283000",
            "db": "NVD",
            "id": "CVE-2018-14810"
          },
          {
            "date": "2018-10-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201810-243"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-03T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-1032"
          },
          {
            "date": "2021-12-03T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-450"
          },
          {
            "date": "2021-12-03T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-449"
          },
          {
            "date": "2021-12-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1107"
          },
          {
            "date": "2019-11-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-42805"
          },
          {
            "date": "2018-10-18T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-21173"
          },
          {
            "date": "2019-05-02T00:00:00",
            "db": "BID",
            "id": "108503"
          },
          {
            "date": "2018-10-04T00:00:00",
            "db": "BID",
            "id": "105710"
          },
          {
            "date": "2018-12-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-010754"
          },
          {
            "date": "2019-10-09T23:35:15.593000",
            "db": "NVD",
            "id": "CVE-2018-14810"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201810-243"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "network",
        "sources": [
          {
            "db": "BID",
            "id": "108503"
          },
          {
            "db": "BID",
            "id": "105710"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "(0Day) WECON PIStudio HSC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-19-1032"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-450"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-449"
          }
        ],
        "trust": 2.1
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer error",
        "sources": [
          {
            "db": "IVD",
            "id": "e2fdde6e-39ab-11e9-ab9a-000c29342cb1"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-243"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201810-0397

    Vulnerability from variot - Updated: 2023-12-18 13:08

    WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior have a stack-based buffer overflow vulnerability which may allow remote code execution. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wecon PIStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of hsc files. When parsing the TextContent element, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of an administrator. Wecon PI Studio HMI and PI Studio are human interface programming software from Wecon Technologies. Failed exploit attempts will likely cause denial-of-service conditions.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201810-0397",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "pi studio hmi",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "we con",
            "version": "4.1.9"
          },
          {
            "model": "pi studio",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "we con",
            "version": "4.2.34"
          },
          {
            "model": "pi studio",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "wecon",
            "version": "4.2.34"
          },
          {
            "model": "pi studio hmi",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "wecon",
            "version": "4.1.9"
          },
          {
            "model": "pistudio",
            "scope": null,
            "trust": 0.7,
            "vendor": "wecon",
            "version": null
          },
          {
            "model": "pi studio hmi",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "wecon",
            "version": "\u003c=4.1.9"
          },
          {
            "model": "pi studio",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "wecon",
            "version": "\u003c=4.2.34"
          },
          {
            "model": "pi studio hmi",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "we con",
            "version": "4.1.9"
          },
          {
            "model": "pi studio",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "we con",
            "version": "4.2.34"
          },
          {
            "model": "pi studio hmi project programmer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wecon",
            "version": "4.1.9"
          },
          {
            "model": "pi studio",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wecon",
            "version": "4.2.34"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "pi studio",
            "version": "*"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "pi studio hmi",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2fdb75f-39ab-11e9-83cb-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1109"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21172"
          },
          {
            "db": "BID",
            "id": "105710"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010755"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-14818"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-244"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:we-con:pi_studio:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "4.2.34",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:we-con:pi_studio_hmi:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "4.1.9",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-14818"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Natnael Samson(Natti)",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-1109"
          }
        ],
        "trust": 0.7
      },
      "cve": "CVE-2018-14818",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 7.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2018-14818",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "ZDI",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2018-14818",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "HIGH",
                "trust": 0.7,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2018-21172",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "e2fdb75f-39ab-11e9-83cb-000c29342cb1",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2018-14818",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2018-14818",
                "trust": 1.8,
                "value": "CRITICAL"
              },
              {
                "author": "ZDI",
                "id": "CVE-2018-14818",
                "trust": 0.7,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-21172",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201810-244",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "e2fdb75f-39ab-11e9-83cb-000c29342cb1",
                "trust": 0.2,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2fdb75f-39ab-11e9-83cb-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1109"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21172"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010755"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-14818"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-244"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior have a stack-based buffer overflow vulnerability which may allow remote code execution. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wecon PIStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of hsc files. When parsing the TextContent element, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of an administrator. Wecon PI Studio HMI and PI Studio are human interface programming software from Wecon Technologies. Failed exploit attempts will likely cause denial-of-service conditions",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-14818"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010755"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1109"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21172"
          },
          {
            "db": "BID",
            "id": "105710"
          },
          {
            "db": "IVD",
            "id": "e2fdb75f-39ab-11e9-83cb-000c29342cb1"
          }
        ],
        "trust": 3.24
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-14818",
            "trust": 4.2
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-277-01",
            "trust": 3.3
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21172",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-244",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010755",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-6253",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1109",
            "trust": 0.7
          },
          {
            "db": "BID",
            "id": "105710",
            "trust": 0.3
          },
          {
            "db": "IVD",
            "id": "E2FDB75F-39AB-11E9-83CB-000C29342CB1",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2fdb75f-39ab-11e9-83cb-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1109"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21172"
          },
          {
            "db": "BID",
            "id": "105710"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010755"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-14818"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-244"
          }
        ]
      },
      "id": "VAR-201810-0397",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2fdb75f-39ab-11e9-83cb-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21172"
          }
        ],
        "trust": 1.40006225
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2fdb75f-39ab-11e9-83cb-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21172"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:08:16.951000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.we-con.com.cn/en/index.aspx"
          },
          {
            "title": "Wecon has issued an update to correct this vulnerability. This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 120 day deadline. 05/18/18 - ZDI sent the report to ICS-CERT; 05/22/18 - ICS-CERT acknowledged, confirmed the report was sent to the vendor and sent an ICS-VU #; 09/17/18 - ZDI asked ICS-CERT to confirm the report remains unpatched and to advise the vendor of the intent to publish the report as 0-day on 10/02/18. Mitigation: Given the nature of the vulnerability the only salient mitigation strategy is to restrict interaction with the application to trusted files.",
            "trust": 0.7,
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-18-277-01"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-1109"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010755"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-119",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010755"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-14818"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-277-01"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-14818"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-14818"
          },
          {
            "trust": 0.7,
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-18-277-01"
          },
          {
            "trust": 0.3,
            "url": "http://www.we-con.com.cn/en/"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-1109"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21172"
          },
          {
            "db": "BID",
            "id": "105710"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010755"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-14818"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-244"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2fdb75f-39ab-11e9-83cb-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1109"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21172"
          },
          {
            "db": "BID",
            "id": "105710"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010755"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-14818"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-244"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-10-18T00:00:00",
            "db": "IVD",
            "id": "e2fdb75f-39ab-11e9-83cb-000c29342cb1"
          },
          {
            "date": "2018-10-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1109"
          },
          {
            "date": "2018-10-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-21172"
          },
          {
            "date": "2018-10-04T00:00:00",
            "db": "BID",
            "id": "105710"
          },
          {
            "date": "2018-12-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-010755"
          },
          {
            "date": "2018-10-08T12:29:00.390000",
            "db": "NVD",
            "id": "CVE-2018-14818"
          },
          {
            "date": "2018-10-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201810-244"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1109"
          },
          {
            "date": "2018-10-18T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-21172"
          },
          {
            "date": "2018-10-04T00:00:00",
            "db": "BID",
            "id": "105710"
          },
          {
            "date": "2018-12-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-010755"
          },
          {
            "date": "2020-08-28T18:53:09.890000",
            "db": "NVD",
            "id": "CVE-2018-14818"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201810-244"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-244"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WECON Technology Co., Ltd. PI Studio HMI and PI Studio Buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010755"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer error",
        "sources": [
          {
            "db": "IVD",
            "id": "e2fdb75f-39ab-11e9-83cb-000c29342cb1"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-244"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201810-0434

    Vulnerability from variot - Updated: 2023-12-18 13:08

    In WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior when parsing project files, the XMLParser that ships with Wecon PIStudio is vulnerable to an XML external entity injection attack, which may allow sensitive information disclosure. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Wecon PIStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of project files. Due to the improper restriction of XML External Entity (XXE) references, a specially crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose information under the context of Administrator. Failed exploit attempts will likely cause denial-of-service conditions


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201810-0434",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "pi studio hmi",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "we con",
            "version": "4.1.9"
          },
          {
            "model": "pi studio",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "we con",
            "version": "4.2.34"
          },
          {
            "model": "pi studio",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "wecon",
            "version": "4.2.34"
          },
          {
            "model": "pi studio hmi",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "wecon",
            "version": "4.1.9"
          },
          {
            "model": "pistudio",
            "scope": null,
            "trust": 0.7,
            "vendor": "wecon",
            "version": null
          },
          {
            "model": "pi studio hmi",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "wecon",
            "version": "\u003c=4.1.9"
          },
          {
            "model": "pi studio",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "wecon",
            "version": "\u003c=4.2.34"
          },
          {
            "model": "pi studio hmi",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "we con",
            "version": "4.1.9"
          },
          {
            "model": "pi studio",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "we con",
            "version": "4.2.34"
          },
          {
            "model": "pi studio hmi project programmer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wecon",
            "version": "4.1.9"
          },
          {
            "model": "pi studio",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wecon",
            "version": "4.2.34"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "pi studio",
            "version": "*"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "pi studio hmi",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2fdb75e-39ab-11e9-851d-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1106"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21174"
          },
          {
            "db": "BID",
            "id": "105710"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010757"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-17889"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-245"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:we-con:pi_studio:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "4.2.34",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:we-con:pi_studio_hmi:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "4.1.9",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-17889"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Mat Powell - Trend Micro Zero Day Initiative",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-1106"
          }
        ],
        "trust": 0.7
      },
      "cve": "CVE-2018-17889",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.3,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2018-17889",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "ZDI",
                "availabilityImpact": "NONE",
                "baseScore": 7.1,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2018-17889",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "HIGH",
                "trust": 0.7,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
                "version": "2"
              },
              {
                "accessComplexity": "HIGH",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 4.9,
                "id": "CNVD-2018-21174",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:H/Au:N/C:C/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "HIGH",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 4.9,
                "id": "e2fdb75e-39ab-11e9-851d-000c29342cb1",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:N/AC:H/Au:N/C:C/I:N/A:N",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.6,
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "High",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.3,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2018-17889",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2018-17889",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "ZDI",
                "id": "CVE-2018-17889",
                "trust": 0.7,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-21174",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201810-245",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "e2fdb75e-39ab-11e9-851d-000c29342cb1",
                "trust": 0.2,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2fdb75e-39ab-11e9-851d-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1106"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21174"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010757"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-17889"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-245"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior when parsing project files, the XMLParser that ships with Wecon PIStudio is vulnerable to an XML external entity injection attack, which may allow sensitive information disclosure. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Wecon PIStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of project files. Due to the improper restriction of XML External Entity (XXE) references, a specially crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose information under the context of Administrator. Failed exploit attempts will likely cause denial-of-service conditions",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-17889"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010757"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1106"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21174"
          },
          {
            "db": "BID",
            "id": "105710"
          },
          {
            "db": "IVD",
            "id": "e2fdb75e-39ab-11e9-851d-000c29342cb1"
          }
        ],
        "trust": 3.24
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-17889",
            "trust": 4.2
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-277-01",
            "trust": 3.3
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21174",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-245",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010757",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-6162",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1106",
            "trust": 0.7
          },
          {
            "db": "BID",
            "id": "105710",
            "trust": 0.3
          },
          {
            "db": "IVD",
            "id": "E2FDB75E-39AB-11E9-851D-000C29342CB1",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2fdb75e-39ab-11e9-851d-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1106"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21174"
          },
          {
            "db": "BID",
            "id": "105710"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010757"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-17889"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-245"
          }
        ]
      },
      "id": "VAR-201810-0434",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2fdb75e-39ab-11e9-851d-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21174"
          }
        ],
        "trust": 1.40006225
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2fdb75e-39ab-11e9-851d-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21174"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:08:16.913000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.we-con.com.cn/en/index.aspx"
          },
          {
            "title": "Wecon has issued an update to correct this vulnerability. This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 120 day deadline. 05/08/18 - ZDI sent the report to ICS-CERT; 05/09/18 - ICS-CERT acknowledged, confirmed the report was sent to the vendor and sent an ICS-VU #; 09/17/18 - ZDI asked ICS-CERT to confirm the report remains unpatched and to advise the vendor of the intent to publish the report as 0-day on 10/02/18. Mitigation: Given the nature of the vulnerability the only salient mitigation strategy is to restrict interaction with the application to trusted files.",
            "trust": 0.7,
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-18-277-01"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-1106"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010757"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-611",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010757"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-17889"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-277-01"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-17889"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-17889"
          },
          {
            "trust": 0.7,
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-18-277-01"
          },
          {
            "trust": 0.3,
            "url": "http://www.we-con.com.cn/en/"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-1106"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21174"
          },
          {
            "db": "BID",
            "id": "105710"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010757"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-17889"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-245"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2fdb75e-39ab-11e9-851d-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1106"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-21174"
          },
          {
            "db": "BID",
            "id": "105710"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010757"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-17889"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-245"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-10-18T00:00:00",
            "db": "IVD",
            "id": "e2fdb75e-39ab-11e9-851d-000c29342cb1"
          },
          {
            "date": "2018-10-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1106"
          },
          {
            "date": "2018-10-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-21174"
          },
          {
            "date": "2018-10-04T00:00:00",
            "db": "BID",
            "id": "105710"
          },
          {
            "date": "2018-12-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-010757"
          },
          {
            "date": "2018-10-08T12:29:00.517000",
            "db": "NVD",
            "id": "CVE-2018-17889"
          },
          {
            "date": "2018-10-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201810-245"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1106"
          },
          {
            "date": "2018-10-18T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-21174"
          },
          {
            "date": "2018-10-04T00:00:00",
            "db": "BID",
            "id": "105710"
          },
          {
            "date": "2018-12-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-010757"
          },
          {
            "date": "2019-10-09T23:36:59.817000",
            "db": "NVD",
            "id": "CVE-2018-17889"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201810-245"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-245"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XML external entity vulnerabilities in WECON Technology Co., Ltd. PI Studio HMI and PI Studio",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-010757"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Code problem",
        "sources": [
          {
            "db": "IVD",
            "id": "e2fdb75e-39ab-11e9-851d-000c29342cb1"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-245"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201903-1000

    Vulnerability from variot - Updated: 2023-12-18 13:08

    WECON Technology PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior lack proper validation of user-supplied data, which may result in a read past the end of an allocated object. WECON Technology PI Studio HMI and PI Studio contain an out-of-bounds vulnerability. Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Wecon PIStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of images within DAT files. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of an administrator. The vulnerability stems from the program's failure to properly validate user-submitted data. Detailed vulnerability information is not provided at this time. Failed exploit attempts will likely cause denial-of-service conditions.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201903-1000",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "pi studio hmi",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "we con",
            "version": "4.1.9"
          },
          {
            "model": "pi studio",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "we con",
            "version": "4.2.34"
          },
          {
            "model": "pi studio",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "wecon",
            "version": "4.2.34"
          },
          {
            "model": "pi studio hmi",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "wecon",
            "version": "4.1.9"
          },
          {
            "model": "pistudio",
            "scope": null,
            "trust": 0.7,
            "vendor": "wecon",
            "version": null
          },
          {
            "model": "pi studio hmi",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "wecon",
            "version": "\u003c=4.1.9"
          },
          {
            "model": "pi studio",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "wecon",
            "version": "\u003c=4.2.34"
          },
          {
            "model": "pi studio hmi project programmer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wecon",
            "version": "4.1.9"
          },
          {
            "model": "pi studio",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wecon",
            "version": "4.2.34"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "pi studio",
            "version": "*"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "pi studio hmi",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "51b2d414-3909-4a29-af6d-c70c0f4b727b"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1108"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-44956"
          },
          {
            "db": "BID",
            "id": "105710"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015137"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-14814"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:we-con:pi_studio_hmi:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "4.1.9",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:we-con:pi_studio:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "4.2.34",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-14814"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Mat Powell - Trend Micro Zero Day Initiative",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-1108"
          }
        ],
        "trust": 0.7
      },
      "cve": "CVE-2018-14814",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.3,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2018-14814",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "ZDI",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2018-14814",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "MEDIUM",
                "trust": 0.7,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.8,
                "id": "CNVD-2019-44956",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.8,
                "id": "51b2d414-3909-4a29-af6d-c70c0f4b727b",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 6.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2018-14814",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2018-14814",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "ZDI",
                "id": "CVE-2018-14814",
                "trust": 0.7,
                "value": "MEDIUM"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-44956",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201810-491",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "51b2d414-3909-4a29-af6d-c70c0f4b727b",
                "trust": 0.2,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "51b2d414-3909-4a29-af6d-c70c0f4b727b"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1108"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-44956"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015137"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-14814"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-491"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WECON Technology PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior lack proper validation of user-supplied data, which may result in a read past the end of an allocated object. WECON Technology PI Studio HMI and PI Studio contain an out-of-bounds vulnerability. Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Wecon PIStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of images within DAT files. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of an administrator. The vulnerability stems from the program\u0027s failure to properly validate user-submitted data. Detailed vulnerability information is not provided at this time. Failed exploit attempts will likely cause denial-of-service conditions.",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-14814"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015137"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1108"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-44956"
          },
          {
            "db": "BID",
            "id": "105710"
          },
          {
            "db": "IVD",
            "id": "51b2d414-3909-4a29-af6d-c70c0f4b727b"
          }
        ],
        "trust": 3.24
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-14814",
            "trust": 4.2
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-277-01",
            "trust": 3.3
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-44956",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-491",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015137",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-6245",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1108",
            "trust": 0.7
          },
          {
            "db": "BID",
            "id": "105710",
            "trust": 0.3
          },
          {
            "db": "IVD",
            "id": "51B2D414-3909-4A29-AF6D-C70C0F4B727B",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "51b2d414-3909-4a29-af6d-c70c0f4b727b"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1108"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-44956"
          },
          {
            "db": "BID",
            "id": "105710"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015137"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-14814"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-491"
          }
        ]
      },
      "id": "VAR-201903-1000",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "51b2d414-3909-4a29-af6d-c70c0f4b727b"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-44956"
          }
        ],
        "trust": 1.40006225
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "51b2d414-3909-4a29-af6d-c70c0f4b727b"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-44956"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:08:16.871000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.we-con.com.cn/en/"
          },
          {
            "title": "Wecon has issued an update to correct this vulnerability. This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 120 day deadline. 05/18/18 - ZDI sent the report to ICS-CERT; 05/22/18 - ICS-CERT acknowledged, confirmed the report was sent to the vendor and sent an ICS-VU #; 09/17/18 - ZDI asked ICS-CERT to confirm the report remains unpatched and to advise the vendor of the intent to publish the report as 0-day on 10/02/18. -- Mitigation: Given the nature of the vulnerability the only salient mitigation strategy is to restrict interaction with the application to trusted files.",
            "trust": 0.7,
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-18-277-01"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-1108"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015137"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-125",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015137"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-14814"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-277-01"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-14814"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-14814"
          },
          {
            "trust": 0.7,
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-18-277-01"
          },
          {
            "trust": 0.3,
            "url": "http://www.we-con.com.cn/en/"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-1108"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-44956"
          },
          {
            "db": "BID",
            "id": "105710"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015137"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-14814"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-491"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "51b2d414-3909-4a29-af6d-c70c0f4b727b"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-1108"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-44956"
          },
          {
            "db": "BID",
            "id": "105710"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015137"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-14814"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-491"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-12-11T00:00:00",
            "db": "IVD",
            "id": "51b2d414-3909-4a29-af6d-c70c0f4b727b"
          },
          {
            "date": "2018-10-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1108"
          },
          {
            "date": "2019-12-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-44956"
          },
          {
            "date": "2018-10-04T00:00:00",
            "db": "BID",
            "id": "105710"
          },
          {
            "date": "2019-04-26T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-015137"
          },
          {
            "date": "2019-03-27T20:29:03.660000",
            "db": "NVD",
            "id": "CVE-2018-14814"
          },
          {
            "date": "2018-10-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201810-491"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-02T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-1108"
          },
          {
            "date": "2019-12-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-44956"
          },
          {
            "date": "2018-10-04T00:00:00",
            "db": "BID",
            "id": "105710"
          },
          {
            "date": "2019-04-26T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-015137"
          },
          {
            "date": "2019-10-09T23:35:16.140000",
            "db": "NVD",
            "id": "CVE-2018-14814"
          },
          {
            "date": "2019-10-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201810-491"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-491"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WECON Technology PI Studio HMI and PI Studio vulnerable to out-of-bounds read",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-015137"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer error",
        "sources": [
          {
            "db": "IVD",
            "id": "51b2d414-3909-4a29-af6d-c70c0f4b727b"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201810-491"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201607-0453

    Vulnerability from variot - Updated: 2023-12-18 13:03

    Stack-based buffer overflow in WECON LeviStudio allows remote attackers to execute arbitrary code via a crafted file. WECON LeviStudio is HMI programming software. WECON LeviStudio is prone to multiple buffer-overflow vulnerabilities because the application fails to handle exceptions properly. Failed exploit attempts will likely result in denial-of-service conditions. The CVSS v3 vector in this record (AV:L, UI:R) scores the attack as local with user interaction required, i.e. the victim has to open the crafted file.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201607-0453",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "levistudio",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "wecon",
            "version": null
          },
          {
            "model": "levistudio",
            "scope": null,
            "trust": 1.4,
            "vendor": "wecon",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "levistudio",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "f265b32c-f8c3-47f6-9264-0668b5f3e59f"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-04734"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003747"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-5781"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201607-093"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:wecon:levistudio:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-5781"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Rocco Calvi,Brian Gorenc - HPE Zero Day Initiative.",
        "sources": [
          {
            "db": "BID",
            "id": "91522"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2016-5781",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 6.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2016-5781",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2016-04734",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "f265b32c-f8c3-47f6-9264-0668b5f3e59f",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2016-5781",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2016-5781",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2016-04734",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201607-093",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "f265b32c-f8c3-47f6-9264-0668b5f3e59f",
                "trust": 0.2,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "f265b32c-f8c3-47f6-9264-0668b5f3e59f"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-04734"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003747"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-5781"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201607-093"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Stack-based buffer overflow in WECON LeviStudio allows remote attackers to execute arbitrary code via a crafted file. WECON LeviStudio is HMI programming software. WECON LeviStudio is prone to multiple buffer-overflow vulnerabilities because the application fails to handle exceptions properly. Failed exploit attempts will likely result in denial-of-service conditions.",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-5781"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003747"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-04734"
          },
          {
            "db": "BID",
            "id": "91522"
          },
          {
            "db": "IVD",
            "id": "f265b32c-f8c3-47f6-9264-0668b5f3e59f"
          }
        ],
        "trust": 2.61
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2016-5781",
            "trust": 3.5
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-16-189-01",
            "trust": 2.4
          },
          {
            "db": "BID",
            "id": "91522",
            "trust": 1.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-04734",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201607-093",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003747",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "F265B32C-F8C3-47F6-9264-0668B5F3E59F",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "f265b32c-f8c3-47f6-9264-0668b5f3e59f"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-04734"
          },
          {
            "db": "BID",
            "id": "91522"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003747"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-5781"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201607-093"
          }
        ]
      },
      "id": "VAR-201607-0453",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "f265b32c-f8c3-47f6-9264-0668b5f3e59f"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-04734"
          }
        ],
        "trust": 0.08
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "f265b32c-f8c3-47f6-9264-0668b5f3e59f"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-04734"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:03:17.727000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "LeviStudio",
            "trust": 0.8,
            "url": "http://we-con.pl/levistudiou/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003747"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003747"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-5781"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-16-189-01"
          },
          {
            "trust": 1.6,
            "url": "http://www.securityfocus.com/bid/91522"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5781"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-5781"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-04734"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003747"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-5781"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201607-093"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "f265b32c-f8c3-47f6-9264-0668b5f3e59f"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-04734"
          },
          {
            "db": "BID",
            "id": "91522"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003747"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-5781"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201607-093"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-07-13T00:00:00",
            "db": "IVD",
            "id": "f265b32c-f8c3-47f6-9264-0668b5f3e59f"
          },
          {
            "date": "2016-07-13T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2016-04734"
          },
          {
            "date": "2016-06-30T00:00:00",
            "db": "BID",
            "id": "91522"
          },
          {
            "date": "2016-07-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2016-003747"
          },
          {
            "date": "2016-07-12T02:00:13.847000",
            "db": "NVD",
            "id": "CVE-2016-5781"
          },
          {
            "date": "2016-07-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201607-093"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-07-13T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2016-04734"
          },
          {
            "date": "2016-07-08T21:15:00",
            "db": "BID",
            "id": "91522"
          },
          {
            "date": "2016-07-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2016-003747"
          },
          {
            "date": "2016-11-28T20:29:25.860000",
            "db": "NVD",
            "id": "CVE-2016-5781"
          },
          {
            "date": "2016-07-12T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201607-093"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201607-093"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WECON LeviStudio Stack Buffer Overflow Vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "f265b32c-f8c3-47f6-9264-0668b5f3e59f"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-04734"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow",
        "sources": [
          {
            "db": "IVD",
            "id": "f265b32c-f8c3-47f6-9264-0668b5f3e59f"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201607-093"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201712-0116

    Vulnerability from variot - Updated: 2023-12-18 12:57

    A heap-based buffer overflow issue was discovered in WECON LeviStudio HMI. The heap-based buffer overflow vulnerability has been identified, which may allow remote code execution. WECON LeviStudio HMI contains a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the handling of LeviStudio Project files. When parsing the Driver field, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process. WECON LeviStudio is an HMI programming software. Wecon LEVI Studio HMI is prone to a heap-based buffer-overflow vulnerability. Failed exploit attempts will likely cause denial-of-service conditions. Note that the NVD CVSS v3 vector recorded for this entry specifies no user interaction (UI:N), which is at odds with the user-interaction requirement described above; the ZDI-authored CVSS v2 score is 6.8 (AC:M) against NVD's 9.0, so both should be considered when prioritising.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201712-0116",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "levi studio hmi",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "we con",
            "version": null
          },
          {
            "model": "levistudio",
            "scope": null,
            "trust": 1.5,
            "vendor": "wecon",
            "version": null
          },
          {
            "model": "levistudio hmi",
            "scope": null,
            "trust": 0.6,
            "vendor": "wecon",
            "version": null
          },
          {
            "model": "levi studio hmi editor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wecon",
            "version": "0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "levi studio hmi",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2dff630-39ab-11e9-80c8-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-1001"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-37689"
          },
          {
            "db": "BID",
            "id": "102230"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011779"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16717"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-742"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:we-con:levi_studio_hmi:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-16717"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Michael DePlante",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-17-1001"
          },
          {
            "db": "BID",
            "id": "102230"
          }
        ],
        "trust": 1.0
      },
      "cve": "CVE-2017-16717",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 8.5,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2017-16717",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "ZDI",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2017-16717",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "MEDIUM",
                "trust": 0.7,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2017-37689",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "e2dff630-39ab-11e9-80c8-000c29342cb1",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 3.9,
                "impactScore": 4.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.6,
                "baseSeverity": "High",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "CVE-2017-16717",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2017-16717",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "ZDI",
                "id": "CVE-2017-16717",
                "trust": 0.7,
                "value": "MEDIUM"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-37689",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201712-742",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "e2dff630-39ab-11e9-80c8-000c29342cb1",
                "trust": 0.2,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2dff630-39ab-11e9-80c8-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-1001"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-37689"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011779"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16717"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-742"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A heap-based buffer overflow issue was discovered in WECON LeviStudio HMI. The heap-based buffer overflow vulnerability has been identified, which may allow remote code execution. WECON LeviStudio HMI contains a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the handling of LeviStudio Project files. When parsing the Driver field, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process. WECON LeviStudio is an HMI programming software. Wecon LEVI Studio HMI is prone to a heap-based buffer-overflow vulnerability. Failed exploit attempts will likely cause denial-of-service conditions.",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-16717"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011779"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-1001"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-37689"
          },
          {
            "db": "BID",
            "id": "102230"
          },
          {
            "db": "IVD",
            "id": "e2dff630-39ab-11e9-80c8-000c29342cb1"
          }
        ],
        "trust": 3.24
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-16717",
            "trust": 4.2
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-353-05",
            "trust": 3.3
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-37689",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-742",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011779",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5085",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-1001",
            "trust": 0.7
          },
          {
            "db": "BID",
            "id": "102230",
            "trust": 0.3
          },
          {
            "db": "IVD",
            "id": "E2DFF630-39AB-11E9-80C8-000C29342CB1",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2dff630-39ab-11e9-80c8-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-1001"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-37689"
          },
          {
            "db": "BID",
            "id": "102230"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011779"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16717"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-742"
          }
        ]
      },
      "id": "VAR-201712-0116",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2dff630-39ab-11e9-80c8-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-37689"
          }
        ],
        "trust": 1.61578945
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2dff630-39ab-11e9-80c8-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-37689"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:57:10.396000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.we-con.com.cn/en/index.aspx"
          },
          {
            "title": "Wecon has issued an update to correct this vulnerability.",
            "trust": 0.7,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-353-05"
          },
          {
            "title": "WECON LeviStudio patch for HMI heap buffer overflow vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/111281"
          },
          {
            "title": "WECON LeviStudio HMI Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=77234"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-17-1001"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-37689"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011779"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-742"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011779"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16717"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 4.0,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-353-05"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-16717"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-16717"
          },
          {
            "trust": 0.3,
            "url": "http://www.we-con.com.cn/en/"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-17-1001"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-37689"
          },
          {
            "db": "BID",
            "id": "102230"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011779"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16717"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-742"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2dff630-39ab-11e9-80c8-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-17-1001"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-37689"
          },
          {
            "db": "BID",
            "id": "102230"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011779"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16717"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-742"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-12-21T00:00:00",
            "db": "IVD",
            "id": "e2dff630-39ab-11e9-80c8-000c29342cb1"
          },
          {
            "date": "2017-12-20T00:00:00",
            "db": "ZDI",
            "id": "ZDI-17-1001"
          },
          {
            "date": "2017-12-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-37689"
          },
          {
            "date": "2017-12-19T00:00:00",
            "db": "BID",
            "id": "102230"
          },
          {
            "date": "2018-01-26T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-011779"
          },
          {
            "date": "2017-12-20T19:29:00.207000",
            "db": "NVD",
            "id": "CVE-2017-16717"
          },
          {
            "date": "2017-12-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201712-742"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-12-20T00:00:00",
            "db": "ZDI",
            "id": "ZDI-17-1001"
          },
          {
            "date": "2017-12-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-37689"
          },
          {
            "date": "2017-12-19T00:00:00",
            "db": "BID",
            "id": "102230"
          },
          {
            "date": "2018-01-26T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-011779"
          },
          {
            "date": "2019-10-09T23:25:14.003000",
            "db": "NVD",
            "id": "CVE-2017-16717"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201712-742"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-742"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WECON LeviStudio HMI Buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-011779"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-742"
          }
        ],
        "trust": 1.4
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer error",
        "sources": [
          {
            "db": "IVD",
            "id": "e2dff630-39ab-11e9-80c8-000c29342cb1"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-742"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201804-1655

    Vulnerability from variot - Updated: 2023-12-18 12:50

    A buffer overflow can be triggered in LeviStudio HMI Editor, Version 1.10, part of Wecon LeviStudioU 1.8.29, and PI Studio HMI Project Programmer, Build: November 11, 2017 and prior, by opening a specially crafted file. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Wecon LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within DataLogTool.exe. When parsing a string within an INI file, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process. Multiple Wecon products are prone to a stack-based buffer-overflow vulnerability. Failed exploit attempts will likely cause denial-of-service conditions.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201804-1655",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "levistudio hmi editor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "we con",
            "version": "1.10"
          },
          {
            "model": "levistudio",
            "scope": null,
            "trust": 1.4,
            "vendor": "wecon",
            "version": null
          },
          {
            "model": "levistudiou",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "wecon",
            "version": "1.8.29"
          },
          {
            "model": "levistudiou",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "we con",
            "version": "1.8.29"
          },
          {
            "model": "pi studio hmi project programmer",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "we con",
            "version": "2017-11-11"
          },
          {
            "model": "levi studio hmi editor",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "wecon",
            "version": "1.10"
          },
          {
            "model": "pi studio hmi project programmer",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "wecon",
            "version": "build: november 11"
          },
          {
            "model": "pi studio hmi project programmer",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "wecon",
            "version": "2017"
          },
          {
            "model": "levistudiou",
            "scope": null,
            "trust": 0.7,
            "vendor": "wecon",
            "version": null
          },
          {
            "model": "pi studio hmi project programmer",
            "scope": null,
            "trust": 0.7,
            "vendor": "wecon",
            "version": null
          },
          {
            "model": "levistudio hmi editor",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "wecon",
            "version": "\u003c=1.8.29"
          },
          {
            "model": "pi studio hmi project programmer \u003c=november",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "wecon",
            "version": "112017"
          },
          {
            "model": "pi studio hmi project programmer",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "we con",
            "version": "2017-11-11"
          },
          {
            "model": "levistudiou",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "we con",
            "version": "1.8.29"
          },
          {
            "model": "pi studio hmi project programmer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wecon",
            "version": "0"
          },
          {
            "model": "levistudio hmi editor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wecon",
            "version": "1.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "levistudio hmi editor",
            "version": "1.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "levistudiou",
            "version": "*"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "pi studio hmi programmer",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2edd8e1-39ab-11e9-b1aa-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-406"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-407"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-408"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-409"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-08900"
          },
          {
            "db": "BID",
            "id": "104016"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-005009"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7527"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1462"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:we-con:levistudio_hmi_editor:1.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:we-con:levistudiou:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.8.29",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:we-con:pi_studio_hmi_project_programmer:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "2017-11-11",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-7527"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Sergey Zelenyuk of RVRT",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-406"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-407"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-408"
          }
        ],
        "trust": 2.1
      },
      "cve": "CVE-2018-7527",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": null,
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "ZDI",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2018-7527",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "MEDIUM",
                "trust": 2.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 6.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2018-7527",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2018-08900",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "e2edd8e1-39ab-11e9-b1aa-000c29342cb1",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "NVD",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.8,
                "impactScore": 3.4,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "Low",
                "baseScore": 5.3,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "CVE-2018-7527",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "ZDI",
                "id": "CVE-2018-7527",
                "trust": 2.8,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2018-7527",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-08900",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201804-1462",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "e2edd8e1-39ab-11e9-b1aa-000c29342cb1",
                "trust": 0.2,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2edd8e1-39ab-11e9-b1aa-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-406"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-407"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-408"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-409"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-08900"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-005009"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7527"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1462"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A buffer overflow can be triggered in LeviStudio HMI Editor, Version 1.10 part of Wecon LeviStudioU 1.8.29, and PI Studio HMI Project Programmer, Build: November 11, 2017 and prior by opening a specially crafted file. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Wecon LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within DataLogTool.exe.  When parsing a string within an INI file, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process. Multiple Wecon Products are prone to a stack-based buffer-overflow vulnerability. Failed exploit attempts will likely cause denial-of-service conditions",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-7527"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-005009"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-406"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-407"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-408"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-409"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-08900"
          },
          {
            "db": "BID",
            "id": "104016"
          },
          {
            "db": "IVD",
            "id": "e2edd8e1-39ab-11e9-b1aa-000c29342cb1"
          }
        ],
        "trust": 5.13
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-7527",
            "trust": 6.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-116-02",
            "trust": 3.3
          },
          {
            "db": "BID",
            "id": "104016",
            "trust": 2.5
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-08900",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1462",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-005009",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5480",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-406",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5481",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-407",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5482",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-408",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-5506",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-409",
            "trust": 0.7
          },
          {
            "db": "IVD",
            "id": "E2EDD8E1-39AB-11E9-B1AA-000C29342CB1",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2edd8e1-39ab-11e9-b1aa-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-406"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-407"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-408"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-409"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-08900"
          },
          {
            "db": "BID",
            "id": "104016"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-005009"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7527"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1462"
          }
        ]
      },
      "id": "VAR-201804-1655",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2edd8e1-39ab-11e9-b1aa-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-08900"
          }
        ],
        "trust": 1.3885025
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2edd8e1-39ab-11e9-b1aa-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-08900"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:50:46.742000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Wecon has issued an update to correct this vulnerability.",
            "trust": 2.8,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-116-02"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.we-con.com.cn/en/index.aspx"
          },
          {
            "title": "Patches for multiple WECON product buffer overflow vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/128121"
          },
          {
            "title": "Multiple WECON Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=79723"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-406"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-407"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-408"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-409"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-08900"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-005009"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1462"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-005009"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7527"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 6.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-116-02"
          },
          {
            "trust": 2.2,
            "url": "http://www.securityfocus.com/bid/104016"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7527"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7527"
          },
          {
            "trust": 0.3,
            "url": "http://www.we-con.com.cn/en/"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-18-406"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-407"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-408"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-409"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-08900"
          },
          {
            "db": "BID",
            "id": "104016"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-005009"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7527"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1462"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2edd8e1-39ab-11e9-b1aa-000c29342cb1"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-406"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-407"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-408"
          },
          {
            "db": "ZDI",
            "id": "ZDI-18-409"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-08900"
          },
          {
            "db": "BID",
            "id": "104016"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-005009"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7527"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1462"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-05-04T00:00:00",
            "db": "IVD",
            "id": "e2edd8e1-39ab-11e9-b1aa-000c29342cb1"
          },
          {
            "date": "2018-05-04T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-406"
          },
          {
            "date": "2018-05-04T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-407"
          },
          {
            "date": "2018-05-04T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-408"
          },
          {
            "date": "2018-05-04T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-409"
          },
          {
            "date": "2018-05-04T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-08900"
          },
          {
            "date": "2018-04-26T00:00:00",
            "db": "BID",
            "id": "104016"
          },
          {
            "date": "2018-07-03T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-005009"
          },
          {
            "date": "2018-04-26T20:29:00.523000",
            "db": "NVD",
            "id": "CVE-2018-7527"
          },
          {
            "date": "2018-04-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-1462"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-05-04T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-406"
          },
          {
            "date": "2018-05-04T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-407"
          },
          {
            "date": "2018-05-04T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-408"
          },
          {
            "date": "2018-05-04T00:00:00",
            "db": "ZDI",
            "id": "ZDI-18-409"
          },
          {
            "date": "2018-05-04T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-08900"
          },
          {
            "date": "2018-04-26T00:00:00",
            "db": "BID",
            "id": "104016"
          },
          {
            "date": "2018-07-03T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-005009"
          },
          {
            "date": "2019-10-09T23:42:23.267000",
            "db": "NVD",
            "id": "CVE-2018-7527"
          },
          {
            "date": "2020-07-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201804-1462"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1462"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wecon LeviStudioU of  LeviStudio HMI Editor and  PI Studio HMI Project Programmer Buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-005009"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer error",
        "sources": [
          {
            "db": "IVD",
            "id": "e2edd8e1-39ab-11e9-b1aa-000c29342cb1"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201804-1462"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201704-1016

    Vulnerability from variot - Updated: 2023-12-18 12:44

    A Stack-Based Buffer Overflow issue was discovered in Wecon Technologies LEVI Studio HMI Editor before 1.8.1. This vulnerability causes a buffer overflow, which could result in denial of service when a malicious project file is run on the system. WECON products are widely used in machinery, metallurgy, chemical, petroleum and other industries. An attacker could exploit the vulnerability to execute arbitrary code in the context of the user running the affected application.
    1. A stack-based buffer-overflow vulnerability
    2. Failed exploit attempts will likely cause denial-of-service conditions


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201704-1016",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "levi studio hmi editor",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "we con",
            "version": "1.8.0"
          },
          {
            "model": "levistudio",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "wecon",
            "version": "hmi editor 1.8.1"
          },
          {
            "model": "levi studio hmi editor",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "wecon",
            "version": "1.8.1"
          },
          {
            "model": "levi studio hmi editor",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "we con",
            "version": "1.8.0"
          },
          {
            "model": "levi studio hmi editor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wecon",
            "version": "0"
          },
          {
            "model": "levi studio hmi editor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "wecon",
            "version": "1.8.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "levi studio hmi editor",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "0228e4ff-a75c-486a-bf64-87462b6e7289"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-05683"
          },
          {
            "db": "BID",
            "id": "97639"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003631"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-6035"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-976"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:we-con:levi_studio_hmi_editor:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.8.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-6035"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "working with iDefense Labs.,Andrea (rgod) Micalizzi",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-976"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2017-6035",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.3,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2017-6035",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2017-05683",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "0228e4ff-a75c-486a-bf64-87462b6e7289",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2017-6035",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2017-6035",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-05683",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201704-976",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "0228e4ff-a75c-486a-bf64-87462b6e7289",
                "trust": 0.2,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "0228e4ff-a75c-486a-bf64-87462b6e7289"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-05683"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003631"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-6035"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-976"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A Stack-Based Buffer Overflow issue was discovered in Wecon Technologies LEVI Studio HMI Editor before 1.8.1. This vulnerability causes a buffer overflow, which could result in denial of service when a malicious project file is run on the system. WECON products are widely used in machinery, metallurgy, chemical, petroleum and other industries. An attacker could exploit the vulnerability to execute arbitrary code in the context of the user running the affected application. \n1. A stack-based buffer-overflow vulnerability\n2. Failed exploit attempts will likely cause denial-of-service conditions",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-6035"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003631"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-05683"
          },
          {
            "db": "BID",
            "id": "97639"
          },
          {
            "db": "IVD",
            "id": "0228e4ff-a75c-486a-bf64-87462b6e7289"
          }
        ],
        "trust": 2.61
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-6035",
            "trust": 3.5
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-103-01",
            "trust": 2.7
          },
          {
            "db": "BID",
            "id": "97639",
            "trust": 2.5
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-05683",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-976",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003631",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "0228E4FF-A75C-486A-BF64-87462B6E7289",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "0228e4ff-a75c-486a-bf64-87462b6e7289"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-05683"
          },
          {
            "db": "BID",
            "id": "97639"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003631"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-6035"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-976"
          }
        ]
      },
      "id": "VAR-201704-1016",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "0228e4ff-a75c-486a-bf64-87462b6e7289"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-05683"
          }
        ],
        "trust": 1.4315789
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "0228e4ff-a75c-486a-bf64-87462b6e7289"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-05683"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:44:39.381000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.we-con.com.cn/en/"
          },
          {
            "title": "Wecon Technologies LEVI Studio HMI Editor Buffer Overflow Vulnerability Patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/92972"
          },
          {
            "title": "Wecon Technologies LEVI Studio HMI Editor Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=70245"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-05683"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003631"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-976"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003631"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-6035"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.7,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-103-01"
          },
          {
            "trust": 2.2,
            "url": "http://www.securityfocus.com/bid/97639"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6035"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-6035"
          },
          {
            "trust": 0.3,
            "url": "http://www.we-con.com.cn/en/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-05683"
          },
          {
            "db": "BID",
            "id": "97639"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003631"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-6035"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-976"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "0228e4ff-a75c-486a-bf64-87462b6e7289"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-05683"
          },
          {
            "db": "BID",
            "id": "97639"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003631"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-6035"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-976"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-05-01T00:00:00",
            "db": "IVD",
            "id": "0228e4ff-a75c-486a-bf64-87462b6e7289"
          },
          {
            "date": "2017-05-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-05683"
          },
          {
            "date": "2017-04-13T00:00:00",
            "db": "BID",
            "id": "97639"
          },
          {
            "date": "2017-05-31T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-003631"
          },
          {
            "date": "2017-04-27T00:59:00.147000",
            "db": "NVD",
            "id": "CVE-2017-6035"
          },
          {
            "date": "2017-04-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201704-976"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-05-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-05683"
          },
          {
            "date": "2017-04-18T00:06:00",
            "db": "BID",
            "id": "97639"
          },
          {
            "date": "2017-05-31T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-003631"
          },
          {
            "date": "2019-10-09T23:28:36.263000",
            "db": "NVD",
            "id": "CVE-2017-6035"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201704-976"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-976"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wecon Technologies LEVI Studio HMI Editor Buffer Overflow Vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "0228e4ff-a75c-486a-bf64-87462b6e7289"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-05683"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer error",
        "sources": [
          {
            "db": "IVD",
            "id": "0228e4ff-a75c-486a-bf64-87462b6e7289"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-976"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201704-1017

    Vulnerability from variot - Updated: 2023-12-18 12:44

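    A Heap-Based Buffer Overflow issue was discovered in Wecon Technologies LEVI Studio HMI Editor before 1.8.1. This vulnerability causes a buffer overflow when a maliciously crafted project file is run by the system.
    1. A stack-based buffer-overflow vulnerability
    2. Failed exploit attempts will likely cause denial-of-service conditions
    (Note: the two numbered lines appear to be carried over from a shared advisory; BID 97639 is listed among this entry's sources. This record, CVE-2017-6037, describes the heap-based overflow.)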


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201704-1017",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "levi studio hmi editor",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "we con",
            "version": "1.8.0"
          },
          {
            "model": "levistudio",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "wecon",
            "version": "hmi editor 1.8.1"
          },
          {
            "model": "levi studio hmi editor",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "wecon",
            "version": "1.8.1"
          },
          {
            "model": "levi studio hmi editor",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "we con",
            "version": "1.8.0"
          },
          {
            "model": "levi studio hmi editor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wecon",
            "version": "0"
          },
          {
            "model": "levi studio hmi editor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "wecon",
            "version": "1.8.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "levi studio hmi editor",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "f46bfc63-c02a-4550-8eea-1742e10a0209"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-07228"
          },
          {
            "db": "BID",
            "id": "97639"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003632"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-6037"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-977"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:we-con:levi_studio_hmi_editor:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.8.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-6037"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "working with iDefense Labs.,Andrea (rgod) Micalizzi",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-977"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2017-6037",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.3,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2017-6037",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2017-07228",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "f46bfc63-c02a-4550-8eea-1742e10a0209",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2017-6037",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2017-6037",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-07228",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201704-977",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "f46bfc63-c02a-4550-8eea-1742e10a0209",
                "trust": 0.2,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "f46bfc63-c02a-4550-8eea-1742e10a0209"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-07228"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003632"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-6037"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-977"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A Heap-Based Buffer Overflow issue was discovered in Wecon Technologies LEVI Studio HMI Editor before 1.8.1. This vulnerability causes a buffer overflow when a maliciously crafted project file is run by the system. \n1. A stack-based buffer-overflow vulnerability\n2. Failed exploit attempts will likely cause denial-of-service conditions",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-6037"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003632"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-07228"
          },
          {
            "db": "BID",
            "id": "97639"
          },
          {
            "db": "IVD",
            "id": "f46bfc63-c02a-4550-8eea-1742e10a0209"
          }
        ],
        "trust": 2.61
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-6037",
            "trust": 3.5
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-17-103-01",
            "trust": 3.3
          },
          {
            "db": "BID",
            "id": "97639",
            "trust": 2.5
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-07228",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-977",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003632",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "F46BFC63-C02A-4550-8EEA-1742E10A0209",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "f46bfc63-c02a-4550-8eea-1742e10a0209"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-07228"
          },
          {
            "db": "BID",
            "id": "97639"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003632"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-6037"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-977"
          }
        ]
      },
      "id": "VAR-201704-1017",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "f46bfc63-c02a-4550-8eea-1742e10a0209"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-07228"
          }
        ],
        "trust": 1.4315789
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "f46bfc63-c02a-4550-8eea-1742e10a0209"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-07228"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:44:39.346000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.we-con.com.cn/en/"
          },
          {
            "title": "Wecon Technologies LEVI Studio HMI Editor Patch Buffer Overflow Vulnerability Patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/94066"
          },
          {
            "title": "Wecon Technologies LEVI Studio HMI Editor Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=70246"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-07228"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003632"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-977"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003632"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-6037"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-103-01"
          },
          {
            "trust": 2.2,
            "url": "http://www.securityfocus.com/bid/97639"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6037"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-6037"
          },
          {
            "trust": 0.3,
            "url": "http://www.we-con.com.cn/en/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-07228"
          },
          {
            "db": "BID",
            "id": "97639"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003632"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-6037"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-977"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "f46bfc63-c02a-4550-8eea-1742e10a0209"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-07228"
          },
          {
            "db": "BID",
            "id": "97639"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-003632"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-6037"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-977"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-05-23T00:00:00",
            "db": "IVD",
            "id": "f46bfc63-c02a-4550-8eea-1742e10a0209"
          },
          {
            "date": "2017-05-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-07228"
          },
          {
            "date": "2017-04-13T00:00:00",
            "db": "BID",
            "id": "97639"
          },
          {
            "date": "2017-05-31T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-003632"
          },
          {
            "date": "2017-04-27T00:59:00.290000",
            "db": "NVD",
            "id": "CVE-2017-6037"
          },
          {
            "date": "2017-04-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201704-977"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-05-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-07228"
          },
          {
            "date": "2017-04-18T00:06:00",
            "db": "BID",
            "id": "97639"
          },
          {
            "date": "2017-05-31T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-003632"
          },
          {
            "date": "2019-10-09T23:28:36.543000",
            "db": "NVD",
            "id": "CVE-2017-6037"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201704-977"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-977"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wecon Technologies LEVI Studio HMI Editor Heap Buffer Overflow Vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "f46bfc63-c02a-4550-8eea-1742e10a0209"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-07228"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer error",
        "sources": [
          {
            "db": "IVD",
            "id": "f46bfc63-c02a-4550-8eea-1742e10a0209"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201704-977"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201912-1017

    Vulnerability from variot - Updated: 2023-12-18 12:43

    Multiple buffer overflow vulnerabilities exist when the PLC Editor Version 1.3.5_20190129 processes project files. An attacker could use a specially crafted project file to exploit these vulnerabilities and execute code under the privileges of the application. PLC Editor contains a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). This vulnerability allows remote attackers to execute arbitrary code on affected installations of WECON PLC Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of WCP files. A crafted PortPath element in a WCP file can trigger an overflow of a fixed-length buffer. WECON Technologies PLC Editor is programming software for programmable logic controllers (PLCs) from WECON Technologies of China.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201912-1017",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "plc editor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "we con",
            "version": "1.3.5"
          },
          {
            "model": "plc editor",
            "scope": null,
            "trust": 1.4,
            "vendor": "wecon",
            "version": null
          },
          {
            "model": "plc editor",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "wecon",
            "version": "1.3.5_20190129"
          },
          {
            "model": "plc editor 1.3.5 20190129",
            "scope": null,
            "trust": 0.6,
            "vendor": "wecon",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "plc editor",
            "version": "1.3.5"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "afa54ae5-f289-4601-9bbd-1343261ff637"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-1033"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-1034"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-00496"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013556"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-18236"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-941"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:we-con:plc_editor:1.3.5:20190129:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-18236"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Natnael Samson (@NattiSamson)",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-19-1033"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-1034"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-941"
          }
        ],
        "trust": 2.0
      },
      "cve": "CVE-2019-18236",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 6.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2019-18236",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2020-00496",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "afa54ae5-f289-4601-9bbd-1343261ff637",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "ZDI",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2019-18236",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.4,
                "userInteraction": "REQUIRED",
                "vectorString": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-18236",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2019-18236",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "ZDI",
                "id": "CVE-2019-18236",
                "trust": 1.4,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-00496",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201912-941",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "afa54ae5-f289-4601-9bbd-1343261ff637",
                "trust": 0.2,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "afa54ae5-f289-4601-9bbd-1343261ff637"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-1033"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-1034"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-00496"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013556"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-18236"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-941"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple buffer overflow vulnerabilities exist when the PLC Editor Version 1.3.5_20190129 processes project files. An attacker could use a specially crafted project file to exploit these vulnerabilities and execute code under the privileges of the application. PLC Editor contains a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). This vulnerability allows remote attackers to execute arbitrary code on affected installations of WECON PLC Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of WCP files. A crafted PortPath element in a WCP file can trigger an overflow of a fixed-length buffer. WECON Technologies PLC Editor is programming software for programmable logic controllers (PLCs) from the Chinese company WECON Technologies.",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-18236"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013556"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-1033"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-1034"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-00496"
          },
          {
            "db": "IVD",
            "id": "afa54ae5-f289-4601-9bbd-1343261ff637"
          }
        ],
        "trust": 3.6
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-18236",
            "trust": 4.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-19-353-03",
            "trust": 3.0
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-1033",
            "trust": 2.3
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-1034",
            "trust": 2.3
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-00496",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-941",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013556",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-9122",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-9123",
            "trust": 0.7
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2019.4726",
            "trust": 0.6
          },
          {
            "db": "IVD",
            "id": "AFA54AE5-F289-4601-9BBD-1343261FF637",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "afa54ae5-f289-4601-9bbd-1343261ff637"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-1033"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-1034"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-00496"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013556"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-18236"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-941"
          }
        ]
      },
      "id": "VAR-201912-1017",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "afa54ae5-f289-4601-9bbd-1343261ff637"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-00496"
          }
        ],
        "trust": 1.8
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "afa54ae5-f289-4601-9bbd-1343261ff637"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-00496"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:43:12.960000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.we-con.com.cn/en/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013556"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013556"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-18236"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.6,
            "url": "https://www.us-cert.gov/ics/advisories/icsa-19-353-03"
          },
          {
            "trust": 2.2,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-1034/"
          },
          {
            "trust": 1.6,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-19-1033/"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-18236"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18236"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2019.4726/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-00496"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013556"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-18236"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-941"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "afa54ae5-f289-4601-9bbd-1343261ff637"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-1033"
          },
          {
            "db": "ZDI",
            "id": "ZDI-19-1034"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-00496"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013556"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-18236"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-941"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-01-03T00:00:00",
            "db": "IVD",
            "id": "afa54ae5-f289-4601-9bbd-1343261ff637"
          },
          {
            "date": "2019-12-30T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-1033"
          },
          {
            "date": "2019-12-30T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-1034"
          },
          {
            "date": "2020-01-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-00496"
          },
          {
            "date": "2020-01-09T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-013556"
          },
          {
            "date": "2019-12-23T20:15:10.877000",
            "db": "NVD",
            "id": "CVE-2019-18236"
          },
          {
            "date": "2019-12-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201912-941"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-12-30T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-1033"
          },
          {
            "date": "2019-12-30T00:00:00",
            "db": "ZDI",
            "id": "ZDI-19-1034"
          },
          {
            "date": "2020-01-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-00496"
          },
          {
            "date": "2020-01-09T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-013556"
          },
          {
            "date": "2020-01-03T15:35:40.003000",
            "db": "NVD",
            "id": "CVE-2019-18236"
          },
          {
            "date": "2019-12-31T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201912-941"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WECON Technologies PLC Editor Buffer Overflow Vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "afa54ae5-f289-4601-9bbd-1343261ff637"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-00496"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer error",
        "sources": [
          {
            "db": "IVD",
            "id": "afa54ae5-f289-4601-9bbd-1343261ff637"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-941"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201805-1193

    Vulnerability from variot - Updated: 2022-05-17 02:10

    WECON LeviStudio is human-machine interface programming software from the Chinese company WECON.

    WECON LeviStudio has a heap overflow vulnerability. By constructing a malformed hmp file, an attacker could exploit the vulnerability to crash the program. Successful exploitation can lead to arbitrary code execution.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201805-1193",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "levistudio",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "wecon",
            "version": "20180426"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2effbc1-39ab-11e9-8633-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-09981"
          }
        ]
      },
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 4.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2018-09981",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 4.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "e2effbc1-39ab-11e9-8633-000c29342cb1",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "CNVD",
                "id": "CNVD-2018-09981",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "e2effbc1-39ab-11e9-8633-000c29342cb1",
                "trust": 0.2,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2effbc1-39ab-11e9-8633-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-09981"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WECON LeviStudio is human-machine interface programming software from the Chinese company WECON.\n\nWECON LeviStudio has a heap overflow vulnerability. By constructing a malformed hmp file, an attacker could exploit the vulnerability to crash the program. Successful exploitation can lead to arbitrary code execution.",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-09981"
          },
          {
            "db": "IVD",
            "id": "e2effbc1-39ab-11e9-8633-000c29342cb1"
          }
        ],
        "trust": 0.72
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-09981",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "E2EFFBC1-39AB-11E9-8633-000C29342CB1",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2effbc1-39ab-11e9-8633-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-09981"
          }
        ]
      },
      "id": "VAR-201805-1193",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2effbc1-39ab-11e9-8633-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-09981"
          }
        ],
        "trust": 0.08
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2effbc1-39ab-11e9-8633-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-09981"
          }
        ]
      },
      "last_update_date": "2022-05-17T02:10:30.249000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "LeviStudio has a heap overflow vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/128685"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-09981"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2effbc1-39ab-11e9-8633-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-09981"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-05-22T00:00:00",
            "db": "IVD",
            "id": "e2effbc1-39ab-11e9-8633-000c29342cb1"
          },
          {
            "date": "2018-06-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-09981"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-05-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-09981"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WECON LeviStudio has a heap overflow vulnerability",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-09981"
          }
        ],
        "trust": 0.6
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer error",
        "sources": [
          {
            "db": "IVD",
            "id": "e2effbc1-39ab-11e9-8633-000c29342cb1"
          }
        ],
        "trust": 0.2
      }
    }

    CVE-2021-23138 (GCVE-0-2021-23138)

    Vulnerability from cvelistv5 – Published: 2022-01-14 19:10 – Updated: 2025-04-16 18:02
    VLAI
    Title
    WECON LeviStudioU
    Summary
    WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    WECON LeviStudioU Affected: All , ≤ 2019-09-21 (custom)
    Date Public
    2021-12-21 00:00
    Credits
    Natnael Samson (@NattiSamson), working with Trend Micro’s Zero Day Initiative, reported these vulnerabilities to CISA.

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T18:58:26.281Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-03"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-133/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-139/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-134/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-136/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-138/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-141/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-137/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-131/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-135/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-142/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-129/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-140/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-23138",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-16T17:31:38.898270Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-16T18:02:02.528Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "LeviStudioU",
              "vendor": "WECON",
              "versions": [
                {
                  "lessThanOrEqual": "2019-09-21",
                  "status": "affected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Natnael Samson (@NattiSamson), working with Trend Micro\u2019s Zero Day Initiative, reported these vulnerabilities to CISA."
            }
          ],
          "datePublic": "2021-12-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121 Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-01-27T09:06:36.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-03"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-133/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-139/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-134/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-136/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-138/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-141/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-137/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-131/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-135/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-142/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-129/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-140/"
            }
          ],
          "source": {
            "advisory": "ICSA-21-355-03",
            "discovery": "UNKNOWN"
          },
          "title": "WECON LeviStudioU",
          "workarounds": [
            {
              "lang": "en",
              "value": "WECON has not responded to requests to work with CISA to mitigate these vulnerabilities. Users of this affected product are invited to contact WECON technical support for additional information."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "DATE_PUBLIC": "2021-12-21T19:09:00.000Z",
              "ID": "CVE-2021-23138",
              "STATE": "PUBLIC",
              "TITLE": "WECON LeviStudioU"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "LeviStudioU",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "All",
                                "version_value": "2019-09-21"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "WECON"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Natnael Samson (@NattiSamson), working with Trend Micro\u2019s Zero Day Initiative, reported these vulnerabilities to CISA."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-121 Stack-based Buffer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-03",
                  "refsource": "MISC",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-03"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-133/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-133/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-139/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-139/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-134/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-134/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-136/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-136/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-138/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-138/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-141/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-141/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-137/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-137/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-131/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-131/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-135/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-135/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-142/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-142/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-129/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-129/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-140/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-140/"
                }
              ]
            },
            "source": {
              "advisory": "ICSA-21-355-03",
              "discovery": "UNKNOWN"
            },
            "work_around": [
              {
                "lang": "en",
                "value": "WECON has not responded to requests to work with CISA to mitigate these vulnerabilities. Users of this affected product are invited to contact WECON technical support for additional information."
              }
            ]
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2021-23138",
        "datePublished": "2022-01-14T19:10:41.500Z",
        "dateReserved": "2021-12-16T00:00:00.000Z",
        "dateUpdated": "2025-04-16T18:02:02.528Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-23157 (GCVE-0-2021-23157)

    Vulnerability from cvelistv5 – Published: 2022-01-14 19:10 – Updated: 2025-04-16 18:02
    Title
    WECON LeviStudioU
    Summary
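    WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code. (Note: the CVSS 3.1 vector in the record below is AV:L with UI:R, i.e. a local attack vector that requires user interaction.)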
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    WECON LeviStudioU Affected: All, ≤ 2019-09-21 (custom)
    Date Public
    2021-12-21 00:00
    Credits
    Natnael Samson (@NattiSamson), working with Trend Micro’s Zero Day Initiative, reported these vulnerabilities to CISA.

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T18:58:26.370Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-03"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-130/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-132/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-23157",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-16T17:31:41.848676Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-16T18:02:12.385Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "LeviStudioU",
              "vendor": "WECON",
              "versions": [
                {
                  "lessThanOrEqual": "2019-09-21",
                  "status": "affected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Natnael Samson (@NattiSamson), working with Trend Micro\u2019s Zero Day Initiative, reported these vulnerabilities to CISA."
            }
          ],
          "datePublic": "2021-12-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122 Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-01-27T09:06:14.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-03"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-130/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-132/"
            }
          ],
          "source": {
            "advisory": "ICSA-21-355-03",
            "discovery": "UNKNOWN"
          },
          "title": "WECON LeviStudioU",
          "workarounds": [
            {
              "lang": "en",
              "value": "WECON has not responded to requests to work with CISA to mitigate these vulnerabilities. Users of this affected product are invited to contact WECON technical support for additional information."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "DATE_PUBLIC": "2021-12-21T19:09:00.000Z",
              "ID": "CVE-2021-23157",
              "STATE": "PUBLIC",
              "TITLE": "WECON LeviStudioU"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "LeviStudioU",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "All",
                                "version_value": "2019-09-21"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "WECON"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Natnael Samson (@NattiSamson), working with Trend Micro\u2019s Zero Day Initiative, reported these vulnerabilities to CISA."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-122 Heap-based Buffer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-03",
                  "refsource": "MISC",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-03"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-130/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-130/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-132/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-132/"
                }
              ]
            },
            "source": {
              "advisory": "ICSA-21-355-03",
              "discovery": "UNKNOWN"
            },
            "work_around": [
              {
                "lang": "en",
                "value": "WECON has not responded to requests to work with CISA to mitigate these vulnerabilities. Users of this affected product are invited to contact WECON technical support for additional information."
              }
            ]
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2021-23157",
        "datePublished": "2022-01-14T19:10:40.173Z",
        "dateReserved": "2021-12-16T00:00:00.000Z",
        "dateUpdated": "2025-04-16T18:02:12.385Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-43983 (GCVE-0-2021-43983)

    Vulnerability from cvelistv5 – Published: 2021-12-13 15:48 – Updated: 2024-09-17 01:26
    Title
    WECON LeviStudioU
    Summary
    WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to multiple stack-based buffer overflow instances while parsing project files, which may allow an attacker to execute arbitrary code.
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    WECON LeviStudioU Affected: All, ≤ 2019-09-21 (custom)
    Date Public
    2021-12-09 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T04:10:17.169Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-343-02"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-046/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-040/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-043/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-036/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-037/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-039/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-044/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-042/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-035/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-034/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-047/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-041/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-038/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-045/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "LeviStudioU",
              "vendor": "WECON",
              "versions": [
                {
                  "lessThanOrEqual": "2019-09-21",
                  "status": "affected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-12-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to multiple stack-based buffer overflow instances while parsing project files, which may allow an attacker to execute arbitrary code."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121 Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-01-13T14:07:02.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-343-02"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-046/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-040/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-043/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-036/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-037/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-039/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-044/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-042/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-035/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-034/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-047/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-041/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-038/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-045/"
            }
          ],
          "source": {
            "advisory": "ICSA-21-343-02",
            "discovery": "UNKNOWN"
          },
          "title": "WECON LeviStudioU",
          "workarounds": [
            {
              "lang": "en",
              "value": "WECON has not responded to requests to work with CISA to mitigate this vulnerability. Users of this affected product are invited to contact WECON technical support for additional information. CISA also recommends users take the following measures to protect themselves from social engineering attacks:"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "DATE_PUBLIC": "2021-12-09T22:34:00.000Z",
              "ID": "CVE-2021-43983",
              "STATE": "PUBLIC",
              "TITLE": "WECON LeviStudioU"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "LeviStudioU",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "All",
                                "version_value": "2019-09-21"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "WECON"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to multiple stack-based buffer overflow instances while parsing project files, which may allow an attacker to execute arbitrary code."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-121 Stack-based Buffer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-343-02",
                  "refsource": "MISC",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-343-02"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-046/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-046/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-040/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-040/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-043/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-043/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-036/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-036/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-037/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-037/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-039/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-039/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-044/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-044/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-042/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-042/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-035/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-035/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-034/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-034/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-047/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-047/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-041/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-041/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-038/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-038/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-045/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-045/"
                }
              ]
            },
            "source": {
              "advisory": "ICSA-21-343-02",
              "discovery": "UNKNOWN"
            },
            "work_around": [
              {
                "lang": "en",
                "value": "WECON has not responded to requests to work with CISA to mitigate this vulnerability. Users of this affected product are invited to contact WECON technical support for additional information. CISA also recommends users take the following measures to protect themselves from social engineering attacks:"
              }
            ]
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2021-43983",
        "datePublished": "2021-12-13T15:48:06.183Z",
        "dateReserved": "2021-11-17T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:26:17.068Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-42705 (GCVE-0-2021-42705)

    Vulnerability from cvelistv5 – Published: 2021-11-22 19:06 – Updated: 2024-09-16 20:01
    Title
    WECON PLC Editor
    Summary
    PLC Editor versions 1.3.8 and prior are vulnerable to a stack-based buffer overflow while processing project files, which may allow an attacker to execute arbitrary code.
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    WECON PLC Editor Affected: All , ≤ 1.3.8 (custom)
    Date Public
    2021-11-11 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T03:38:49.605Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-01"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "PLC Editor",
              "vendor": "WECON",
              "versions": [
                {
                  "lessThanOrEqual": "1.3.8",
                  "status": "affected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-11-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PLC Editor Versions 1.3.8 and prior is vulnerable to a stack-based buffer overflow while processing project files, which may allow an attacker to execute arbitrary code."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121 Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-22T19:06:36.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-01"
            }
          ],
          "source": {
            "advisory": "ICSA-21-315-01",
            "discovery": "UNKNOWN"
          },
          "title": "WECON PLC Editor",
          "workarounds": [
            {
              "lang": "en",
              "value": "WECON has not responded to requests to work with CISA to mitigate these vulnerabilities. Users of these affected products are invited to contact WECON technical support for additional information."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "DATE_PUBLIC": "2021-11-11T22:37:00.000Z",
              "ID": "CVE-2021-42705",
              "STATE": "PUBLIC",
              "TITLE": "WECON PLC Editor"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "PLC Editor",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "All",
                                "version_value": "1.3.8"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "WECON"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PLC Editor Versions 1.3.8 and prior is vulnerable to a stack-based buffer overflow while processing project files, which may allow an attacker to execute arbitrary code."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-121 Stack-based Buffer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-01",
                  "refsource": "MISC",
                  "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-01"
                }
              ]
            },
            "source": {
              "advisory": "ICSA-21-315-01",
              "discovery": "UNKNOWN"
            },
            "work_around": [
              {
                "lang": "en",
                "value": "WECON has not responded to requests to work with CISA to mitigate these vulnerabilities. Users of these affected products are invited to contact WECON technical support for additional information."
              }
            ]
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2021-42705",
        "datePublished": "2021-11-22T19:06:36.383Z",
        "dateReserved": "2021-10-18T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:01:34.731Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-42707 (GCVE-0-2021-42707)

    Vulnerability from cvelistv5 – Published: 2021-11-22 19:04 – Updated: 2024-09-16 20:06
    Title
    WECON PLC Editor
    Summary
    PLC Editor versions 1.3.8 and prior are vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code.
    CWE
    • CWE-787 - OUT-OF-BOUNDS WRITE CWE-787
    Assigner
    References
    Impacted products
    Vendor Product Version
    WECON PLC Editor Affected: All , ≤ 1.3.8 (custom)
    Date Public
    2021-11-11 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T03:38:49.451Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-01"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "PLC Editor",
              "vendor": "WECON",
              "versions": [
                {
                  "lessThanOrEqual": "1.3.8",
                  "status": "affected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-11-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PLC Editor Versions 1.3.8 and prior is vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "OUT-OF-BOUNDS WRITE CWE-787",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-22T19:04:29.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-01"
            }
          ],
          "source": {
            "advisory": "ICSA-21-315-01",
            "discovery": "UNKNOWN"
          },
          "title": "WECON PLC Editor",
          "workarounds": [
            {
              "lang": "en",
              "value": "WECON has not responded to requests to work with CISA to mitigate these vulnerabilities. Users of these affected products are invited to contact WECON technical support for additional information."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "DATE_PUBLIC": "2021-11-11T22:37:00.000Z",
              "ID": "CVE-2021-42707",
              "STATE": "PUBLIC",
              "TITLE": "WECON PLC Editor"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "PLC Editor",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "All",
                                "version_value": "1.3.8"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "WECON"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PLC Editor Versions 1.3.8 and prior is vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "OUT-OF-BOUNDS WRITE CWE-787"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-01",
                  "refsource": "MISC",
                  "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-01"
                }
              ]
            },
            "source": {
              "advisory": "ICSA-21-315-01",
              "discovery": "UNKNOWN"
            },
            "work_around": [
              {
                "lang": "en",
                "value": "WECON has not responded to requests to work with CISA to mitigate these vulnerabilities. Users of these affected products are invited to contact WECON technical support for additional information."
              }
            ]
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2021-42707",
        "datePublished": "2021-11-22T19:04:29.693Z",
        "dateReserved": "2021-10-18T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:06:24.090Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-14814 (GCVE-0-2018-14814)

    Vulnerability from cvelistv5 – Published: 2019-03-27 19:50 – Updated: 2024-08-05 09:38
    Summary
    WECON Technology PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior lack proper validation of user-supplied data, which may result in a read past the end of an allocated object.
    Severity
    No CVSS data available.
    CWE
    • CWE-125 - Out-of-bounds read CWE-125
    Assigner
    References
    Impacted products
    Vendor Product Version
    WECON WECON Technology PI Studio HMI Affected: PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior
    Date Public
    2018-10-04 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T09:38:14.118Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WECON Technology PI Studio HMI",
              "vendor": "WECON",
              "versions": [
                {
                  "status": "affected",
                  "version": "PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior"
                }
              ]
            }
          ],
          "datePublic": "2018-10-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "WECON Technology PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior lacks proper validation of user-supplied data, which may result in a read past the end of an allocated object."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds read CWE-125",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-03-27T19:50:08.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2018-14814",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "WECON Technology PI Studio HMI",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "WECON"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "WECON Technology PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior lacks proper validation of user-supplied data, which may result in a read past the end of an allocated object."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Out-of-bounds read CWE-125"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2018-14814",
        "datePublished": "2019-03-27T19:50:08.000Z",
        "dateReserved": "2018-08-01T00:00:00.000Z",
        "dateUpdated": "2024-08-05T09:38:14.118Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-14818 (GCVE-0-2018-14818)

    Vulnerability from cvelistv5 – Published: 2018-10-08 13:00 – Updated: 2024-09-17 02:37
    Summary
    WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior have a stack-based buffer overflow vulnerability which may allow remote code execution.
    Severity
    No CVSS data available.
    CWE
    • CWE-121 - STACK-BASED BUFFER OVERFLOW CWE-121
    Assigner
    References
    Impacted products
    Vendor Product Version
    WECON PI Studio HMI Affected: 4.1.9 and prior
    WECON PI Studio Affected: 4.2.34 and prior
    Date Public
    2018-10-04 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T09:38:14.008Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "PI Studio HMI",
              "vendor": "WECON",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.1.9 and prior"
                }
              ]
            },
            {
              "product": "PI Studio",
              "vendor": "WECON",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.2.34 and prior"
                }
              ]
            }
          ],
          "datePublic": "2018-10-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior have a stack-based buffer overflow vulnerability which may allow remote code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "STACK-BASED BUFFER OVERFLOW CWE-121",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-08T12:57:01.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "DATE_PUBLIC": "2018-10-04T00:00:00",
              "ID": "CVE-2018-14818",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "PI Studio HMI",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.1.9 and prior"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "PI Studio",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.2.34 and prior"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "WECON"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior have a stack-based buffer overflow vulnerability which may allow remote code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "STACK-BASED BUFFER OVERFLOW CWE-121"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2018-14818",
        "datePublished": "2018-10-08T13:00:00.000Z",
        "dateReserved": "2018-08-01T00:00:00.000Z",
        "dateUpdated": "2024-09-17T02:37:32.231Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-14810 (GCVE-0-2018-14810)

    Vulnerability from cvelistv5 – Published: 2018-10-08 13:00 – Updated: 2024-09-16 18:18
    VLAI
    Summary
    WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior parse files and pass unvalidated user data to an unsafe method call, which may allow code to be executed in the context of an administrator.
    Severity
    No CVSS data available.
    CWE
    • CWE-787 - OUT-OF-BOUNDS WRITE CWE-787
    Assigner
    References
    Impacted products
    Vendor Product Version
    WECON PI Studio HMI Affected: 4.1.9 and prior
    WECON PI Studio Affected: 4.2.34 and prior
    Date Public
    2018-10-04 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T09:38:14.059Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "PI Studio HMI",
              "vendor": "WECON",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.1.9 and prior"
                }
              ]
            },
            {
              "product": "PI Studio",
              "vendor": "WECON",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.2.34 and prior"
                }
              ]
            }
          ],
          "datePublic": "2018-10-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior parse files and pass invalidated user data to an unsafe method call, which may allow code to be executed in the context of an administrator."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "OUT-OF-BOUNDS WRITE CWE-787",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-08T12:57:01.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "DATE_PUBLIC": "2018-10-04T00:00:00",
              "ID": "CVE-2018-14810",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "PI Studio HMI",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.1.9 and prior"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "PI Studio",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.2.34 and prior"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "WECON"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior parse files and pass invalidated user data to an unsafe method call, which may allow code to be executed in the context of an administrator."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "OUT-OF-BOUNDS WRITE CWE-787"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2018-14810",
        "datePublished": "2018-10-08T13:00:00.000Z",
        "dateReserved": "2018-08-01T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:18:08.589Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-23138 (GCVE-0-2021-23138)

    Vulnerability from nvd – Published: 2022-01-14 19:10 – Updated: 2025-04-16 18:02
    VLAI
    Title
    WECON LeviStudioU
    Summary
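    WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code. Note that the record's CVSS 3.1 vector (AV:L/AC:L/PR:N/UI:R) scores this as a local attack vector requiring user interaction, not as a network-reachable flaw.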
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    WECON LeviStudioU Affected: All , ≤ 2019-09-21 (custom)
    Date Public
    2021-12-21 00:00
    Credits
    Natnael Samson (@NattiSamson), working with Trend Micro’s Zero Day Initiative, reported these vulnerabilities to CISA.

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T18:58:26.281Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-03"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-133/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-139/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-134/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-136/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-138/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-141/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-137/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-131/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-135/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-142/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-129/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-140/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-23138",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-16T17:31:38.898270Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-16T18:02:02.528Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "LeviStudioU",
              "vendor": "WECON",
              "versions": [
                {
                  "lessThanOrEqual": "2019-09-21",
                  "status": "affected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Natnael Samson (@NattiSamson), working with Trend Micro\u2019s Zero Day Initiative, reported these vulnerabilities to CISA."
            }
          ],
          "datePublic": "2021-12-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121 Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-01-27T09:06:36.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-03"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-133/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-139/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-134/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-136/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-138/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-141/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-137/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-131/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-135/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-142/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-129/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-140/"
            }
          ],
          "source": {
            "advisory": "ICSA-21-355-03",
            "discovery": "UNKNOWN"
          },
          "title": "WECON LeviStudioU",
          "workarounds": [
            {
              "lang": "en",
              "value": "WECON has not responded to requests to work with CISA to mitigate these vulnerabilities. Users of this affected product are invited to contact WECON technical support for additional information."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "DATE_PUBLIC": "2021-12-21T19:09:00.000Z",
              "ID": "CVE-2021-23138",
              "STATE": "PUBLIC",
              "TITLE": "WECON LeviStudioU"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "LeviStudioU",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "All",
                                "version_value": "2019-09-21"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "WECON"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Natnael Samson (@NattiSamson), working with Trend Micro\u2019s Zero Day Initiative, reported these vulnerabilities to CISA."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-121 Stack-based Buffer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-03",
                  "refsource": "MISC",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-03"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-133/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-133/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-139/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-139/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-134/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-134/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-136/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-136/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-138/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-138/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-141/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-141/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-137/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-137/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-131/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-131/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-135/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-135/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-142/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-142/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-129/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-129/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-140/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-140/"
                }
              ]
            },
            "source": {
              "advisory": "ICSA-21-355-03",
              "discovery": "UNKNOWN"
            },
            "work_around": [
              {
                "lang": "en",
                "value": "WECON has not responded to requests to work with CISA to mitigate these vulnerabilities. Users of this affected product are invited to contact WECON technical support for additional information."
              }
            ]
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2021-23138",
        "datePublished": "2022-01-14T19:10:41.500Z",
        "dateReserved": "2021-12-16T00:00:00.000Z",
        "dateUpdated": "2025-04-16T18:02:02.528Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-23157 (GCVE-0-2021-23157)

    Vulnerability from nvd – Published: 2022-01-14 19:10 – Updated: 2025-04-16 18:02
    VLAI
    Title
    WECON LeviStudioU
    Summary
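    WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code. Note that the record's CVSS 3.1 vector (AV:L/AC:L/PR:N/UI:R) scores this as a local attack vector requiring user interaction, not as a network-reachable flaw.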
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    WECON LeviStudioU Affected: All , ≤ 2019-09-21 (custom)
    Date Public
    2021-12-21 00:00
    Credits
    Natnael Samson (@NattiSamson), working with Trend Micro’s Zero Day Initiative, reported these vulnerabilities to CISA.

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T18:58:26.370Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-03"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-130/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-132/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-23157",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-16T17:31:41.848676Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-16T18:02:12.385Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "LeviStudioU",
              "vendor": "WECON",
              "versions": [
                {
                  "lessThanOrEqual": "2019-09-21",
                  "status": "affected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Natnael Samson (@NattiSamson), working with Trend Micro\u2019s Zero Day Initiative, reported these vulnerabilities to CISA."
            }
          ],
          "datePublic": "2021-12-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122 Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-01-27T09:06:14.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-03"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-130/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-132/"
            }
          ],
          "source": {
            "advisory": "ICSA-21-355-03",
            "discovery": "UNKNOWN"
          },
          "title": "WECON LeviStudioU",
          "workarounds": [
            {
              "lang": "en",
              "value": "WECON has not responded to requests to work with CISA to mitigate these vulnerabilities. Users of this affected product are invited to contact WECON technical support for additional information."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "DATE_PUBLIC": "2021-12-21T19:09:00.000Z",
              "ID": "CVE-2021-23157",
              "STATE": "PUBLIC",
              "TITLE": "WECON LeviStudioU"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "LeviStudioU",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "All",
                                "version_value": "2019-09-21"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "WECON"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Natnael Samson (@NattiSamson), working with Trend Micro\u2019s Zero Day Initiative, reported these vulnerabilities to CISA."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-122 Heap-based Buffer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-03",
                  "refsource": "MISC",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-03"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-130/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-130/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-132/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-132/"
                }
              ]
            },
            "source": {
              "advisory": "ICSA-21-355-03",
              "discovery": "UNKNOWN"
            },
            "work_around": [
              {
                "lang": "en",
                "value": "WECON has not responded to requests to work with CISA to mitigate these vulnerabilities. Users of this affected product are invited to contact WECON technical support for additional information."
              }
            ]
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2021-23157",
        "datePublished": "2022-01-14T19:10:40.173Z",
        "dateReserved": "2021-12-16T00:00:00.000Z",
        "dateUpdated": "2025-04-16T18:02:12.385Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-43983 (GCVE-0-2021-43983)

    Vulnerability from nvd – Published: 2021-12-13 15:48 – Updated: 2024-09-17 01:26
    Title
    WECON LeviStudioU
    Summary
    WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to multiple stack-based buffer overflow instances while parsing project files, which may allow an attacker to execute arbitrary code.
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    WECON LeviStudioU Affected: All , ≤ 2019-09-21 (custom)
    Date Public
    2021-12-09 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T04:10:17.169Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-343-02"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-046/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-040/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-043/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-036/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-037/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-039/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-044/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-042/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-035/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-034/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-047/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-041/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-038/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-045/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "LeviStudioU",
              "vendor": "WECON",
              "versions": [
                {
                  "lessThanOrEqual": "2019-09-21",
                  "status": "affected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-12-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to multiple stack-based buffer overflow instances while parsing project files, which may allow an attacker to execute arbitrary code."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121 Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-01-13T14:07:02.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-343-02"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-046/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-040/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-043/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-036/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-037/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-039/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-044/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-042/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-035/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-034/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-047/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-041/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-038/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-045/"
            }
          ],
          "source": {
            "advisory": "ICSA-21-343-02",
            "discovery": "UNKNOWN"
          },
          "title": "WECON LeviStudioU",
          "workarounds": [
            {
              "lang": "en",
              "value": "WECON has not responded to requests to work with CISA to mitigate this vulnerability. Users of this affected product are invited to contact WECON technical support for additional information. CISA also recommends users take the following measures to protect themselves from social engineering attacks:"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "DATE_PUBLIC": "2021-12-09T22:34:00.000Z",
              "ID": "CVE-2021-43983",
              "STATE": "PUBLIC",
              "TITLE": "WECON LeviStudioU"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "LeviStudioU",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "All",
                                "version_value": "2019-09-21"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "WECON"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to multiple stack-based buffer overflow instances while parsing project files, which may allow an attacker to execute arbitrary code."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-121 Stack-based Buffer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-343-02",
                  "refsource": "MISC",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-343-02"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-046/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-046/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-040/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-040/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-043/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-043/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-036/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-036/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-037/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-037/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-039/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-039/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-044/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-044/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-042/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-042/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-035/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-035/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-034/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-034/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-047/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-047/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-041/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-041/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-038/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-038/"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-045/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-045/"
                }
              ]
            },
            "source": {
              "advisory": "ICSA-21-343-02",
              "discovery": "UNKNOWN"
            },
            "work_around": [
              {
                "lang": "en",
                "value": "WECON has not responded to requests to work with CISA to mitigate this vulnerability. Users of this affected product are invited to contact WECON technical support for additional information. CISA also recommends users take the following measures to protect themselves from social engineering attacks:"
              }
            ]
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2021-43983",
        "datePublished": "2021-12-13T15:48:06.183Z",
        "dateReserved": "2021-11-17T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:26:17.068Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-42707 (GCVE-0-2021-42707)

    Vulnerability from nvd – Published: 2021-11-22 19:04 – Updated: 2024-09-16 20:06
    Title
    WECON PLC Editor
    Summary
    PLC Editor Versions 1.3.8 and prior are vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code.
    CWE
    • CWE-787 - Out-of-bounds Write
    Assigner
    References
    Impacted products
    Vendor Product Version
    WECON PLC Editor Affected: All , ≤ 1.3.8 (custom)
    Date Public
    2021-11-11 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T03:38:49.451Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-01"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "PLC Editor",
              "vendor": "WECON",
              "versions": [
                {
                  "lessThanOrEqual": "1.3.8",
                  "status": "affected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-11-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PLC Editor Versions 1.3.8 and prior is vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "OUT-OF-BOUNDS WRITE CWE-787",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-22T19:04:29.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-01"
            }
          ],
          "source": {
            "advisory": "ICSA-21-315-01",
            "discovery": "UNKNOWN"
          },
          "title": "WECON PLC Editor",
          "workarounds": [
            {
              "lang": "en",
              "value": "WECON has not responded to requests to work with CISA to mitigate these vulnerabilities. Users of these affected products are invited to contact WECON technical support for additional information."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "DATE_PUBLIC": "2021-11-11T22:37:00.000Z",
              "ID": "CVE-2021-42707",
              "STATE": "PUBLIC",
              "TITLE": "WECON PLC Editor"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "PLC Editor",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "All",
                                "version_value": "1.3.8"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "WECON"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PLC Editor Versions 1.3.8 and prior is vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "OUT-OF-BOUNDS WRITE CWE-787"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-01",
                  "refsource": "MISC",
                  "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-01"
                }
              ]
            },
            "source": {
              "advisory": "ICSA-21-315-01",
              "discovery": "UNKNOWN"
            },
            "work_around": [
              {
                "lang": "en",
                "value": "WECON has not responded to requests to work with CISA to mitigate these vulnerabilities. Users of these affected products are invited to contact WECON technical support for additional information."
              }
            ]
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2021-42707",
        "datePublished": "2021-11-22T19:04:29.693Z",
        "dateReserved": "2021-10-18T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:06:24.090Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-42705 (GCVE-0-2021-42705)

    Vulnerability from nvd – Published: 2021-11-22 19:06 – Updated: 2024-09-16 20:01
    Title
    WECON PLC Editor
    Summary
    PLC Editor Versions 1.3.8 and prior are vulnerable to a stack-based buffer overflow while processing project files, which may allow an attacker to execute arbitrary code.
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    WECON PLC Editor Affected: All , ≤ 1.3.8 (custom)
    Date Public
    2021-11-11 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T03:38:49.605Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-01"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "PLC Editor",
              "vendor": "WECON",
              "versions": [
                {
                  "lessThanOrEqual": "1.3.8",
                  "status": "affected",
                  "version": "All",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-11-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PLC Editor Versions 1.3.8 and prior is vulnerable to a stack-based buffer overflow while processing project files, which may allow an attacker to execute arbitrary code."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121 Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-22T19:06:36.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-01"
            }
          ],
          "source": {
            "advisory": "ICSA-21-315-01",
            "discovery": "UNKNOWN"
          },
          "title": "WECON PLC Editor",
          "workarounds": [
            {
              "lang": "en",
              "value": "WECON has not responded to requests to work with CISA to mitigate these vulnerabilities. Users of these affected products are invited to contact WECON technical support for additional information."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "DATE_PUBLIC": "2021-11-11T22:37:00.000Z",
              "ID": "CVE-2021-42705",
              "STATE": "PUBLIC",
              "TITLE": "WECON PLC Editor"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "PLC Editor",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "All",
                                "version_value": "1.3.8"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "WECON"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PLC Editor Versions 1.3.8 and prior is vulnerable to a stack-based buffer overflow while processing project files, which may allow an attacker to execute arbitrary code."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-121 Stack-based Buffer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-01",
                  "refsource": "MISC",
                  "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-01"
                }
              ]
            },
            "source": {
              "advisory": "ICSA-21-315-01",
              "discovery": "UNKNOWN"
            },
            "work_around": [
              {
                "lang": "en",
                "value": "WECON has not responded to requests to work with CISA to mitigate these vulnerabilities. Users of these affected products are invited to contact WECON technical support for additional information."
              }
            ]
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2021-42705",
        "datePublished": "2021-11-22T19:06:36.383Z",
        "dateReserved": "2021-10-18T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:01:34.731Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-14814 (GCVE-0-2018-14814)

    Vulnerability from nvd – Published: 2019-03-27 19:50 – Updated: 2024-08-05 09:38
    Summary
    WECON Technology PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior lack proper validation of user-supplied data, which may result in a read past the end of an allocated object.
    Severity
    No CVSS data available.
    CWE
    • CWE-125 - Out-of-bounds read
    Assigner
    References
    Impacted products
    Vendor Product Version
    WECON WECON Technology PI Studio HMI Affected: PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior
    Date Public
    2018-10-04 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T09:38:14.118Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WECON Technology PI Studio HMI",
              "vendor": "WECON",
              "versions": [
                {
                  "status": "affected",
                  "version": "PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior"
                }
              ]
            }
          ],
          "datePublic": "2018-10-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "WECON Technology PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior lacks proper validation of user-supplied data, which may result in a read past the end of an allocated object."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds read CWE-125",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-03-27T19:50:08.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2018-14814",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "WECON Technology PI Studio HMI",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "WECON"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "WECON Technology PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior lacks proper validation of user-supplied data, which may result in a read past the end of an allocated object."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Out-of-bounds read CWE-125"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2018-14814",
        "datePublished": "2019-03-27T19:50:08.000Z",
        "dateReserved": "2018-08-01T00:00:00.000Z",
        "dateUpdated": "2024-08-05T09:38:14.118Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-14818 (GCVE-0-2018-14818)

    Vulnerability from nvd – Published: 2018-10-08 13:00 – Updated: 2024-09-17 02:37
    Summary
    WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior have a stack-based buffer overflow vulnerability which may allow remote code execution.
    Severity
    No CVSS data available.
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    WECON PI Studio HMI Affected: 4.1.9 and prior
    WECON PI Studio Affected: 4.2.34 and prior
    Date Public
    2018-10-04 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T09:38:14.008Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "PI Studio HMI",
              "vendor": "WECON",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.1.9 and prior"
                }
              ]
            },
            {
              "product": "PI Studio",
              "vendor": "WECON",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.2.34 and prior"
                }
              ]
            }
          ],
          "datePublic": "2018-10-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior have a stack-based buffer overflow vulnerability which may allow remote code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "STACK-BASED BUFFER OVERFLOW CWE-121",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-08T12:57:01.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "DATE_PUBLIC": "2018-10-04T00:00:00",
              "ID": "CVE-2018-14818",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "PI Studio HMI",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.1.9 and prior"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "PI Studio",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.2.34 and prior"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "WECON"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior have a stack-based buffer overflow vulnerability which may allow remote code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "STACK-BASED BUFFER OVERFLOW CWE-121"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2018-14818",
        "datePublished": "2018-10-08T13:00:00.000Z",
        "dateReserved": "2018-08-01T00:00:00.000Z",
        "dateUpdated": "2024-09-17T02:37:32.231Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }