var-201502-0245
Vulnerability from variot
Buffer overflow in the Field Device Tool (FDT) Frame application in the HART Device Type Manager (DTM) library, as used in MACTek Bullet DTM 1.00.0, GE Vector DTM 1.00.0, GE SVi1000 Positioner DTM 1.00.0, GE SVI II AP Positioner DTM 2.00.1, and GE 12400 Level Transmitter DTM 1.00.0, allows remote attackers to cause a denial of service (DTM outage) via crafted packets. General Electric Company is a manufacturer of electrical equipment, electrical and electronic equipment. General Electric (GE) and MACTek 'HART DTM' Library have a denial of service vulnerability that an attacker can use to cause an affected system to stop responding and initiate a denial of service attack. An attacker can exploit this issue to cause the affected system to become unresponsive, resulting in a denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201502-0245",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "vector device type manager",
"scope": "eq",
"trust": 1.6,
"vendor": "ge",
"version": "1.00.0"
},
{
"model": "svi ii ap positioner device type manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ge",
"version": "2.00.1"
},
{
"model": "bullet device type manager",
"scope": "eq",
"trust": 1.0,
"vendor": "mactek",
"version": "1.00.0"
},
{
"model": "12400 level transmitter device type manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ge",
"version": "1.00.0"
},
{
"model": "12400 level transmitter dtm",
"scope": "eq",
"trust": 0.8,
"vendor": "general electric",
"version": "1.00.0"
},
{
"model": "svi ii ap positioner dtm",
"scope": "eq",
"trust": 0.8,
"vendor": "general electric",
"version": "2.00.1"
},
{
"model": "svi1000 positioner dtm",
"scope": "eq",
"trust": 0.8,
"vendor": "general electric",
"version": "1.00.0"
},
{
"model": "vector dtm",
"scope": "eq",
"trust": 0.8,
"vendor": "general electric",
"version": "1.00.0"
},
{
"model": "bullet wirelesshart device type manager",
"scope": "eq",
"trust": 0.8,
"vendor": "mactek",
"version": "(dtm) 1.00.0"
},
{
"model": "electric mactek bullet dtm",
"scope": "eq",
"trust": 0.6,
"vendor": "general",
"version": "1.00.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "12400 level transmitter device type manager",
"version": "1.00.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "svi ii ap positioner device type manager",
"version": "2.00.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vector device type manager",
"version": "1.00.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "bullet device type manager",
"version": "1.00.0"
}
],
"sources": [
{
"db": "IVD",
"id": "a3a0ad20-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-00995"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007859"
},
{
"db": "CNNVD",
"id": "CNNVD-201502-133"
},
{
"db": "NVD",
"id": "CVE-2014-9203"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ge:12400_level_transmitter_device_type_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ge:svi_ii_ap_positioner_device_type_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ge:svi1000_positione_device_type_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ge:vector_device_type_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:mactek:bullet_device_type_manager",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-007859"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Bolshev",
"sources": [
{
"db": "BID",
"id": "72524"
}
],
"trust": 0.3
},
"cve": "CVE-2014-9203",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-9203",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-00995",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "a3a0ad20-2351-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-9203",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-9203",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-00995",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201502-133",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "a3a0ad20-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "a3a0ad20-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-00995"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007859"
},
{
"db": "CNNVD",
"id": "CNNVD-201502-133"
},
{
"db": "NVD",
"id": "CVE-2014-9203"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the Field Device Tool (FDT) Frame application in the HART Device Type Manager (DTM) library, as used in MACTek Bullet DTM 1.00.0, GE Vector DTM 1.00.0, GE SVi1000 Positioner DTM 1.00.0, GE SVI II AP Positioner DTM 2.00.1, and GE 12400 Level Transmitter DTM 1.00.0, allows remote attackers to cause a denial of service (DTM outage) via crafted packets. General Electric Company is a manufacturer of electrical equipment, electrical and electronic equipment. General Electric (GE) and MACTek \u0027HART DTM\u0027 Library have a denial of service vulnerability that an attacker can use to cause an affected system to stop responding and initiate a denial of service attack. \nAn attacker can exploit this issue to cause the affected system to become unresponsive, resulting in a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-9203"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007859"
},
{
"db": "CNVD",
"id": "CNVD-2015-00995"
},
{
"db": "BID",
"id": "72524"
},
{
"db": "IVD",
"id": "a3a0ad20-2351-11e6-abef-000c29c66e3d"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-9203",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-15-036-01",
"trust": 2.7
},
{
"db": "BID",
"id": "72524",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2015-00995",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201502-133",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007859",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-15-036-01A",
"trust": 0.3
},
{
"db": "IVD",
"id": "A3A0AD20-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "a3a0ad20-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-00995"
},
{
"db": "BID",
"id": "72524"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007859"
},
{
"db": "CNNVD",
"id": "CNNVD-201502-133"
},
{
"db": "NVD",
"id": "CVE-2014-9203"
}
]
},
"id": "VAR-201502-0245",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "a3a0ad20-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-00995"
}
],
"trust": 1.8
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "a3a0ad20-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-00995"
}
]
},
"last_update_date": "2024-11-23T22:34:59.487000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "GEOG 15-01_Security_Advisory_HART DTM",
"trust": 0.8,
"url": "http://d3qm6x350yyq59.cloudfront.net/sites/geog.dev.local/files/geog_15-01_security_advisory_hart_dtm.pdf"
},
{
"title": "Download Center",
"trust": 0.8,
"url": "http://www.ge-mcs.com/en/download.html"
},
{
"title": "Bullet_DTM_1_00_1.exe",
"trust": 0.8,
"url": "https://mactekcorp.com/downloadFiles/Bullet_DTM_1_00_1.exe"
},
{
"title": "BULLET WirelessHART Adapter",
"trust": 0.8,
"url": "https://mactekcorp.com/product6a.php"
},
{
"title": "General Electric (GE) and MACTek \u0027HART DTM\u0027 Library have patches for denial of service vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/55174"
},
{
"title": "VECTOR_DTM_Installer_V1.00.1",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=53668"
},
{
"title": "SVI_II_AP_DTM_Installer_V2.10.1",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=53671"
},
{
"title": "SVi1000_DTM_Installer_V1.00.1",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=53670"
},
{
"title": "12400_DTM_Installer_V1.00.1",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=53669"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-00995"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007859"
},
{
"db": "CNNVD",
"id": "CNNVD-201502-133"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-007859"
},
{
"db": "NVD",
"id": "CVE-2014-9203"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-036-01"
},
{
"trust": 1.6,
"url": "http://www.geoilandgas.com/securityadvisory"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9203"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-9203"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/72524"
},
{
"trust": 0.3,
"url": "http://www.ge.com/"
},
{
"trust": 0.3,
"url": "https://mactekcorp.com/"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-036-01a"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-00995"
},
{
"db": "BID",
"id": "72524"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007859"
},
{
"db": "CNNVD",
"id": "CNNVD-201502-133"
},
{
"db": "NVD",
"id": "CVE-2014-9203"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "a3a0ad20-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-00995"
},
{
"db": "BID",
"id": "72524"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007859"
},
{
"db": "CNNVD",
"id": "CNNVD-201502-133"
},
{
"db": "NVD",
"id": "CVE-2014-9203"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-02-10T00:00:00",
"db": "IVD",
"id": "a3a0ad20-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2015-02-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-00995"
},
{
"date": "2015-02-05T00:00:00",
"db": "BID",
"id": "72524"
},
{
"date": "2015-02-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-007859"
},
{
"date": "2015-02-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201502-133"
},
{
"date": "2015-02-07T15:59:00.050000",
"db": "NVD",
"id": "CVE-2014-9203"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-02-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-00995"
},
{
"date": "2015-02-05T00:00:00",
"db": "BID",
"id": "72524"
},
{
"date": "2015-02-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-007859"
},
{
"date": "2015-02-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201502-133"
},
{
"date": "2024-11-21T02:20:23.690000",
"db": "NVD",
"id": "CVE-2014-9203"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201502-133"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MACTek Bullet DTM And multiple GE DTM Used in products HART DTM Buffer overflow vulnerability in library",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-007859"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "a3a0ad20-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201502-133"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…