var-201806-0554
Vulnerability from variot
Delta Industrial Automation COMMGR from Delta Electronics versions 1.08 and prior with accompanying PLC Simulators (DVPSimulator EH2, EH3, ES2, SE, SS2 and AHSIM_5x0, AHSIM_5x1) utilize a fixed-length stack buffer where an unverified length value can be read from the network packets via a specific network port, causing the buffer to be overwritten. This may allow remote code execution, cause the application to crash, or result in a denial-of-service condition in the application server. Delta Industrial Automation COMMGR Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation COMMGR. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of TCP packets sent to COMMGR. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of the COMMGR process. Delta Industrial Automation COMMGR is a communications management software from Delta Electronics. Failed exploit attempts will likely cause a denial-of-service condition. Industrial Automation COMMGR 1.08 and prior are vulnerable
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "commgr",
"scope": null,
"trust": 2.8,
"vendor": "delta industrial automation",
"version": null
},
{
"_id": null,
"model": "commgr",
"scope": "lte",
"trust": 1.0,
"vendor": "deltaww",
"version": "1.08"
},
{
"_id": null,
"model": "commgr",
"scope": "lte",
"trust": 0.8,
"vendor": "delta",
"version": "1.08"
},
{
"_id": null,
"model": "electronics delta industrial automation commgr",
"scope": "lte",
"trust": 0.6,
"vendor": "delta",
"version": "\u003c=1.08"
},
{
"_id": null,
"model": "electronics delta industrial automation commgr ahsim 5x0",
"scope": null,
"trust": 0.6,
"vendor": "delta",
"version": null
},
{
"_id": null,
"model": "electronics delta industrial automation commgr ahsim 5x1",
"scope": null,
"trust": 0.6,
"vendor": "delta",
"version": null
},
{
"_id": null,
"model": "electronics delta industrial automation commgr dvpsimulator eh2",
"scope": null,
"trust": 0.6,
"vendor": "delta",
"version": null
},
{
"_id": null,
"model": "electronics delta industrial automation commgr dvpsimulator eh3",
"scope": null,
"trust": 0.6,
"vendor": "delta",
"version": null
},
{
"_id": null,
"model": "electronics delta industrial automation commgr dvpsimulator es2",
"scope": null,
"trust": 0.6,
"vendor": "delta",
"version": null
},
{
"_id": null,
"model": "electronics delta industrial automation commgr dvpsimulator se",
"scope": null,
"trust": 0.6,
"vendor": "delta",
"version": null
},
{
"_id": null,
"model": "electronics delta industrial automation commgr dvpsimulator ss2",
"scope": null,
"trust": 0.6,
"vendor": "delta",
"version": null
},
{
"_id": null,
"model": "commgr",
"scope": "eq",
"trust": 0.6,
"vendor": "deltaww",
"version": "1.08"
},
{
"_id": null,
"model": "electronics inc industrial automation commgr",
"scope": "eq",
"trust": 0.3,
"vendor": "delta",
"version": "1.08"
},
{
"_id": null,
"model": "electronics inc dvpsimulator ss2",
"scope": "eq",
"trust": 0.3,
"vendor": "delta",
"version": "0"
},
{
"_id": null,
"model": "electronics inc dvpsimulator se",
"scope": "eq",
"trust": 0.3,
"vendor": "delta",
"version": "0"
},
{
"_id": null,
"model": "electronics inc dvpsimulator es2",
"scope": "eq",
"trust": 0.3,
"vendor": "delta",
"version": "0"
},
{
"_id": null,
"model": "electronics inc dvpsimulator eh3",
"scope": "eq",
"trust": 0.3,
"vendor": "delta",
"version": "0"
},
{
"_id": null,
"model": "electronics inc dvpsimulator eh2",
"scope": "eq",
"trust": 0.3,
"vendor": "delta",
"version": "0"
},
{
"_id": null,
"model": "electronics inc ahsim",
"scope": "eq",
"trust": 0.3,
"vendor": "delta",
"version": "5x1"
},
{
"_id": null,
"model": "electronics inc ahsim",
"scope": "eq",
"trust": 0.3,
"vendor": "delta",
"version": "5x0"
},
{
"_id": null,
"model": "electronics inc industrial automation commgr",
"scope": "ne",
"trust": 0.3,
"vendor": "delta",
"version": "1.09"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "commgr",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-587"
},
{
"db": "ZDI",
"id": "ZDI-18-586"
},
{
"db": "ZDI",
"id": "ZDI-18-588"
},
{
"db": "ZDI",
"id": "ZDI-18-585"
},
{
"db": "CNVD",
"id": "CNVD-2018-12128"
},
{
"db": "BID",
"id": "104529"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006826"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1170"
},
{
"db": "NVD",
"id": "CVE-2018-10594"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:delta_electronics:commgr",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006826"
}
]
},
"credits": {
"_id": null,
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-587"
},
{
"db": "ZDI",
"id": "ZDI-18-586"
},
{
"db": "ZDI",
"id": "ZDI-18-588"
},
{
"db": "ZDI",
"id": "ZDI-18-585"
}
],
"trust": 2.8
},
"cve": "CVE-2018-10594",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-10594",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 4.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-12128",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-10594",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2018-10594",
"trust": 2.8,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2018-10594",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-10594",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2018-12128",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201806-1170",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-587"
},
{
"db": "ZDI",
"id": "ZDI-18-586"
},
{
"db": "ZDI",
"id": "ZDI-18-588"
},
{
"db": "ZDI",
"id": "ZDI-18-585"
},
{
"db": "CNVD",
"id": "CNVD-2018-12128"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006826"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1170"
},
{
"db": "NVD",
"id": "CVE-2018-10594"
}
]
},
"description": {
"_id": null,
"data": "Delta Industrial Automation COMMGR from Delta Electronics versions 1.08 and prior with accompanying PLC Simulators (DVPSimulator EH2, EH3, ES2, SE, SS2 and AHSIM_5x0, AHSIM_5x1) utilize a fixed-length stack buffer where an unverified length value can be read from the network packets via a specific network port, causing the buffer to be overwritten. This may allow remote code execution, cause the application to crash, or result in a denial-of-service condition in the application server. Delta Industrial Automation COMMGR Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation COMMGR. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of TCP packets sent to COMMGR. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of the COMMGR process. Delta Industrial Automation COMMGR is a communications management software from Delta Electronics. Failed exploit attempts will likely cause a denial-of-service condition. \nIndustrial Automation COMMGR 1.08 and prior are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-10594"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006826"
},
{
"db": "ZDI",
"id": "ZDI-18-587"
},
{
"db": "ZDI",
"id": "ZDI-18-586"
},
{
"db": "ZDI",
"id": "ZDI-18-588"
},
{
"db": "ZDI",
"id": "ZDI-18-585"
},
{
"db": "CNVD",
"id": "CNVD-2018-12128"
},
{
"db": "BID",
"id": "104529"
},
{
"db": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1"
}
],
"trust": 5.13
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2018-10594",
"trust": 6.3
},
{
"db": "ICS CERT",
"id": "ICSA-18-172-01",
"trust": 2.7
},
{
"db": "BID",
"id": "104529",
"trust": 2.5
},
{
"db": "EXPLOIT-DB",
"id": "44965",
"trust": 1.6
},
{
"db": "EXPLOIT-DB",
"id": "45574",
"trust": 1.6
},
{
"db": "CNVD",
"id": "CNVD-2018-12128",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1170",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006826",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5668",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-587",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5666",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-586",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5667",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-588",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5665",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-585",
"trust": 0.7
},
{
"db": "IVD",
"id": "E2FF3E01-39AB-11E9-A6A4-000C29342CB1",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-587"
},
{
"db": "ZDI",
"id": "ZDI-18-586"
},
{
"db": "ZDI",
"id": "ZDI-18-588"
},
{
"db": "ZDI",
"id": "ZDI-18-585"
},
{
"db": "CNVD",
"id": "CNVD-2018-12128"
},
{
"db": "BID",
"id": "104529"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006826"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1170"
},
{
"db": "NVD",
"id": "CVE-2018-10594"
}
]
},
"id": "VAR-201806-0554",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-12128"
}
],
"trust": 1.8
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-12128"
}
]
},
"last_update_date": "2024-11-23T23:05:06.011000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Delta Industrial Automation has issued an update to correct this vulnerability.",
"trust": 2.8,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-172-01"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.deltaww.com/"
},
{
"title": "Patch for Delta Electronics Delta Industrial Automation COMMGR Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/132857"
},
{
"title": "Delta Industrial Automation COMMGR Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=81478"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-587"
},
{
"db": "ZDI",
"id": "ZDI-18-586"
},
{
"db": "ZDI",
"id": "ZDI-18-588"
},
{
"db": "ZDI",
"id": "ZDI-18-585"
},
{
"db": "CNVD",
"id": "CNVD-2018-12128"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006826"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1170"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
},
{
"problemtype": "CWE-121",
"trust": 1.0
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006826"
},
{
"db": "NVD",
"id": "CVE-2018-10594"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 5.5,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-172-01"
},
{
"trust": 2.8,
"url": "http://www.securityfocus.com/bid/104529"
},
{
"trust": 1.6,
"url": "https://www.exploit-db.com/exploits/45574/"
},
{
"trust": 1.6,
"url": "https://www.exploit-db.com/exploits/44965/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-10594"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10594"
},
{
"trust": 0.3,
"url": "http://www.deltaww.com/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-587"
},
{
"db": "ZDI",
"id": "ZDI-18-586"
},
{
"db": "ZDI",
"id": "ZDI-18-588"
},
{
"db": "ZDI",
"id": "ZDI-18-585"
},
{
"db": "CNVD",
"id": "CNVD-2018-12128"
},
{
"db": "BID",
"id": "104529"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006826"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1170"
},
{
"db": "NVD",
"id": "CVE-2018-10594"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-587",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-586",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-588",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-585",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2018-12128",
"ident": null
},
{
"db": "BID",
"id": "104529",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006826",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1170",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2018-10594",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2018-06-27T00:00:00",
"db": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1",
"ident": null
},
{
"date": "2018-06-26T00:00:00",
"db": "ZDI",
"id": "ZDI-18-587",
"ident": null
},
{
"date": "2018-06-26T00:00:00",
"db": "ZDI",
"id": "ZDI-18-586",
"ident": null
},
{
"date": "2018-06-26T00:00:00",
"db": "ZDI",
"id": "ZDI-18-588",
"ident": null
},
{
"date": "2018-06-26T00:00:00",
"db": "ZDI",
"id": "ZDI-18-585",
"ident": null
},
{
"date": "2018-06-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-12128",
"ident": null
},
{
"date": "2018-06-21T00:00:00",
"db": "BID",
"id": "104529",
"ident": null
},
{
"date": "2018-08-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006826",
"ident": null
},
{
"date": "2018-06-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-1170",
"ident": null
},
{
"date": "2018-06-26T20:29:00.227000",
"db": "NVD",
"id": "CVE-2018-10594",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-06-26T00:00:00",
"db": "ZDI",
"id": "ZDI-18-587",
"ident": null
},
{
"date": "2018-06-26T00:00:00",
"db": "ZDI",
"id": "ZDI-18-586",
"ident": null
},
{
"date": "2018-06-26T00:00:00",
"db": "ZDI",
"id": "ZDI-18-588",
"ident": null
},
{
"date": "2018-06-26T00:00:00",
"db": "ZDI",
"id": "ZDI-18-585",
"ident": null
},
{
"date": "2018-11-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-12128",
"ident": null
},
{
"date": "2018-06-21T00:00:00",
"db": "BID",
"id": "104529",
"ident": null
},
{
"date": "2018-08-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006826",
"ident": null
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-1170",
"ident": null
},
{
"date": "2024-11-21T03:41:37.600000",
"db": "NVD",
"id": "CVE-2018-10594",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201806-1170"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Delta Industrial Automation COMMGR Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006826"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1170"
}
],
"trust": 1.4
},
"type": {
"_id": null,
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1170"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.