ICSA-19-106-01
Vulnerability from csaf_cisa
Published
2019-04-16 00:00
Modified
2019-04-16 00:00
Summary
ICSA-19-106-01_Delta Industrial Automation CNCSoft
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Summary
Natnael Samson (@NattiSamson) and an anonymous researcher working with Trend Micro 's Zero Day Initiative (ZDI) reported these vulnerabilities to NCCIC.
Exploitability
No known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely.
{
"document": {
"acknowledgments": [
{
"names": [
"Natnael Samson (@NattiSamson)",
"an anonymous party"
],
"organization": "Trend Micro \u0027s Zero Day Initiative (ZDI)",
"summary": "reporting these vulnerabilities to NCCIC"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "summary",
"text": "Natnael Samson (@NattiSamson) and an anonymous researcher working with Trend Micro \u0027s Zero Day Initiative (ZDI) reported these vulnerabilities to NCCIC.",
"title": "Summary"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "CISAservicedesk@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-19-106-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2019/icsa-19-106-01.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-19-106-01 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-106-01"
}
],
"title": "ICSA-19-106-01_Delta Industrial Automation CNCSoft",
"tracking": {
"current_release_date": "2019-04-16T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA USCert CSAF Generator",
"version": "1"
}
},
"id": "ICSA-19-106-01",
"initial_release_date": "2019-04-16T00:00:00.000000Z",
"revision_history": [
{
"date": "2019-04-16T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-19-106-01 Delta Industrial Automation CNCSoft"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 1.00.88",
"product": {
"name": "CNCSoft ScreenEditor: Version 1.00.88 and prior",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "CNCSoft ScreenEditor"
}
],
"category": "vendor",
"name": "Delta Electronics"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-10947",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "Multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, allowing an attacker to remotely execute arbitrary code. This may occur because CNCSoft lacks user input validation before copying data from project files onto the stack.CVE-2019-10947 has been assigned to these vulnerabilities. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Update to the latest version of ScreenEditor 1.00.89. This updated version can be found at:",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.deltaww.com/services/DownloadCenter2.aspx?secID=8\u0026pid=2\u0026tid=0\u0026CID=06\u0026itemID=060202\u0026typeID=1\u0026downloadID=\u0026title=\u0026dataType=8"
},
{
"category": "mitigation",
"details": "Restrict the interaction with the application to trusted files.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2019-10947"
},
{
"cve": "CVE-2019-10951",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "Multiple heap-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, allowing an attacker to remotely execute arbitrary code. There is a lack of user input validation before copying data from project files onto the heap.CVE-2019-10951 has been assigned to these vulnerabilities. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Update to the latest version of ScreenEditor 1.00.89. This updated version can be found at:",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.deltaww.com/services/DownloadCenter2.aspx?secID=8\u0026pid=2\u0026tid=0\u0026CID=06\u0026itemID=060202\u0026typeID=1\u0026downloadID=\u0026title=\u0026dataType=8"
},
{
"category": "mitigation",
"details": "Restrict the interaction with the application to trusted files.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2019-10951"
},
{
"cve": "CVE-2019-10949",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "Multiple out-of-bounds read vulnerabilities may be exploited, allowing information disclosure due to a lack of user input validation for processing specially crafted project files.CVE-2019-10949 has been assigned to these vulnerabilities. A CVSS v3 base score of 3.3 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Update to the latest version of ScreenEditor 1.00.89. This updated version can be found at:",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.deltaww.com/services/DownloadCenter2.aspx?secID=8\u0026pid=2\u0026tid=0\u0026CID=06\u0026itemID=060202\u0026typeID=1\u0026downloadID=\u0026title=\u0026dataType=8"
},
{
"category": "mitigation",
"details": "Restrict the interaction with the application to trusted files.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2019-10949"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…