cnvd - cnvd-2017-22839

cnvd-2017-22839

Vulnerability from cnvd

Title: Mirion Technologies Telemetry Enabled Devices拒绝服务漏洞（CNVD-2017-22839）

Description:

Mirion Technologies为核能，军事，辐射探测和监测提供解决方案的来源。

Mirion Technologies Telemetry Enabled Devices拒绝服务漏洞，攻击者利用该漏洞传送欺诈性数据或执行拒绝服务。

Severity: 中

Patch Name: Mirion Technologies Telemetry Enabled Devices拒绝服务漏洞（CNVD-2017-22839）的补丁

Patch Description:

Mirion Technologies为核能，军事，辐射探测和监测提供解决方案的来源。

Mirion Technologies Telemetry Enabled Devices拒绝服务漏洞，攻击者利用该漏洞传送欺诈性数据或执行拒绝服务。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已经发布了升级补丁以修复此安全问题，详情请关注厂商主页： http://www.mirion.com/

Reference: https://ics-cert.us-cert.gov/advisories/ICSA-17-208-02

Impacted products

Name
['Mirion Technologies Telemetry Enabled Devices DMC 3000 Transmitter Module', 'Mirion Technologies Telemetry Enabled Devices iPam Transmitter f/DMC 2000', 'Mirion Technologies Telemetry Enabled Devices RDS-31 iTX and variants (incl. RSD31-AM Package)', 'Mirion Technologies Telemetry Enabled Devices DRM-1/2 and variants (incl. Solar PWR Package)', 'Mirion Technologies Telemetry Enabled Devices DRM and RDS Based Boundary Monitors', 'Mirion Technologies Telemetry Enabled Devices Telepole II', 'Mirion Technologies Telemetry Enabled Devices External Transmitters', 'Mirion Technologies Telemetry Enabled Devices MESH Repeater']

Name

['Mirion Technologies Telemetry Enabled Devices DMC 3000 Transmitter Module', 'Mirion Technologies Telemetry Enabled Devices iPam Transmitter f/DMC 2000', 'Mirion Technologies Telemetry Enabled Devices RDS-31 iTX and variants (incl. RSD31-AM Package)', 'Mirion Technologies Telemetry Enabled Devices DRM-1/2 and variants (incl. Solar PWR Package)', 'Mirion Technologies Telemetry Enabled Devices DRM and RDS Based Boundary Monitors', 'Mirion Technologies Telemetry Enabled Devices Telepole II', 'Mirion Technologies Telemetry Enabled Devices External Transmitters', 'Mirion Technologies Telemetry Enabled Devices MESH Repeater']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-9645"
    }
  },
  "description": "Mirion Technologies\u4e3a\u6838\u80fd\uff0c\u519b\u4e8b\uff0c\u8f90\u5c04\u63a2\u6d4b\u548c\u76d1\u6d4b\u63d0\u4f9b\u89e3\u51b3\u65b9\u6848\u7684\u6765\u6e90\u3002 \r\n\r\nMirion Technologies Telemetry Enabled Devices\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u4f20\u9001\u6b3a\u8bc8\u6027\u6570\u636e\u6216\u6267\u884c\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "Ruben Santamarta of IOActive",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a \r\nhttp://www.mirion.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-22839",
  "openTime": "2017-08-25",
  "patchDescription": "Mirion Technologies\u4e3a\u6838\u80fd\uff0c\u519b\u4e8b\uff0c\u8f90\u5c04\u63a2\u6d4b\u548c\u76d1\u6d4b\u63d0\u4f9b\u89e3\u51b3\u65b9\u6848\u7684\u6765\u6e90\u3002 \r\n\r\nMirion Technologies Telemetry Enabled Devices\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u4f20\u9001\u6b3a\u8bc8\u6027\u6570\u636e\u6216\u6267\u884c\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Mirion Technologies Telemetry Enabled Devices\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2017-22839\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Mirion Technologies Telemetry Enabled Devices DMC 3000 Transmitter Module",
      "Mirion Technologies Telemetry Enabled Devices iPam Transmitter f/DMC 2000",
      "Mirion Technologies Telemetry Enabled Devices RDS-31 iTX and variants (incl. RSD31-AM Package)",
      "Mirion Technologies Telemetry Enabled Devices DRM-1/2 and variants (incl. Solar PWR Package)",
      "Mirion Technologies Telemetry Enabled Devices DRM and RDS Based Boundary Monitors",
      "Mirion Technologies Telemetry Enabled Devices Telepole II",
      "Mirion Technologies Telemetry Enabled Devices External Transmitters",
      "Mirion Technologies Telemetry Enabled Devices MESH Repeater"
    ]
  },
  "referenceLink": "https://ics-cert.us-cert.gov/advisories/ICSA-17-208-02",
  "serverity": "\u4e2d",
  "submitTime": "2017-08-03",
  "title": "Mirion Technologies Telemetry Enabled Devices\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2017-22839\uff09"
}

CVE-2017-9645 (GCVE-0-2017-9645)

Vulnerability from cvelistv5

Published

2017-09-20 16:00

Modified

2024-08-05 17:18

Severity ?

CWE

CWE-326

Summary

An Inadequate Encryption Strength issue was discovered in Mirion Technologies DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX and variants (including RSD31-AM Package), DRM-1/2 and variants (including Solar PWR Package), DRM and RDS Based Boundary Monitors, External Transmitters, Telepole II, and MESH Repeater (Telemetry Enabled Devices). Decryption of data is possible at the hardware level.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/100001	vdb-entry, x_refsource_BID
	https://ics-cert.us-cert.gov/advisories/ICSA-17-208-02	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Mirion Technologies Telemetry Enabled Devices	Version: Mirion Technologies Telemetry Enabled Devices

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:18:00.372Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "100001",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100001"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-208-02"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Mirion Technologies Telemetry Enabled Devices",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Mirion Technologies Telemetry Enabled Devices"
            }
          ]
        }
      ],
      "datePublic": "2017-09-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An Inadequate Encryption Strength issue was discovered in Mirion Technologies DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX and variants (including RSD31-AM Package), DRM-1/2 and variants (including Solar PWR Package), DRM and RDS Based Boundary Monitors, External Transmitters, Telepole II, and MESH Repeater (Telemetry Enabled Devices). Decryption of data is possible at the hardware level."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-326",
              "description": "CWE-326",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-21T09:57:01",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "name": "100001",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100001"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-208-02"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2017-9645",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Mirion Technologies Telemetry Enabled Devices",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Mirion Technologies Telemetry Enabled Devices"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An Inadequate Encryption Strength issue was discovered in Mirion Technologies DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX and variants (including RSD31-AM Package), DRM-1/2 and variants (including Solar PWR Package), DRM and RDS Based Boundary Monitors, External Transmitters, Telepole II, and MESH Repeater (Telemetry Enabled Devices). Decryption of data is possible at the hardware level."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-326"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "100001",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100001"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-208-02",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-208-02"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2017-9645",
    "datePublished": "2017-09-20T16:00:00",
    "dateReserved": "2017-06-14T00:00:00",
    "dateUpdated": "2024-08-05T17:18:00.372Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted