cnvd - cnvd-2018-12128

CNVD-2018-12128

Vulnerability from cnvd - Published: 2018-06-27

Title

Delta Electronics Delta Industrial Automation COMMGR缓冲区溢出漏洞

Description

Delta Industrial Automation COMMGR是台达电子（Delta Electronics）公司的一套通信管理软件。 Delta Industrial Automation COMMGR 1.08及之前版本中存在缓冲区溢出漏洞。远程攻击者可利用该漏洞在受影响应用程序的上下文中执行任意代码或造成拒绝服务。

Severity

高

Patch Name

Delta Electronics Delta Industrial Automation COMMGR缓冲区溢出漏洞的补丁

Patch Description

Formal description

目前供应商发布了安全公告及相关补丁信息，修复了此漏洞： http://www.deltaww.com/Products/PluginWebUserControl/downloadCenterCounter.aspx?DID=2093&DocPath=1&hl=en-USl

Reference

https://www.securityfocus.com/bid/104529

Impacted products

Name
['Delta Electronics Delta Industrial Automation COMMGR <=1.08', 'Delta Electronics Delta Industrial Automation COMMGR AHSIM_5x0', 'Delta Electronics Delta Industrial Automation COMMGR AHSIM_5x1', 'Delta Electronics Delta Industrial Automation COMMGR DVPSimulator EH2', 'Delta Electronics Delta Industrial Automation COMMGR DVPSimulator EH3', 'Delta Electronics Delta Industrial Automation COMMGR DVPSimulator ES2', 'Delta Electronics Delta Industrial Automation COMMGR DVPSimulator SE', 'Delta Electronics Delta Industrial Automation COMMGR DVPSimulator SS2']

Name

['Delta Electronics Delta Industrial Automation COMMGR <=1.08', 'Delta Electronics Delta Industrial Automation COMMGR AHSIM_5x0', 'Delta Electronics Delta Industrial Automation COMMGR AHSIM_5x1', 'Delta Electronics Delta Industrial Automation COMMGR DVPSimulator EH2', 'Delta Electronics Delta Industrial Automation COMMGR DVPSimulator EH3', 'Delta Electronics Delta Industrial Automation COMMGR DVPSimulator ES2', 'Delta Electronics Delta Industrial Automation COMMGR DVPSimulator SE', 'Delta Electronics Delta Industrial Automation COMMGR DVPSimulator SS2']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "104529"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-10594"
    }
  },
  "description": "Delta Industrial Automation COMMGR\u662f\u53f0\u8fbe\u7535\u5b50\uff08Delta Electronics\uff09\u516c\u53f8\u7684\u4e00\u5957\u901a\u4fe1\u7ba1\u7406\u8f6f\u4ef6\u3002\r\n\r\nDelta Industrial Automation COMMGR 1.08\u53ca\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u53d7\u5f71\u54cd\u5e94\u7528\u7a0b\u5e8f\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\u6216\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "An anonymous researcher working with Trend Micro\u00e2??s Zero Day Initiative",
  "formalWay": "\u76ee\u524d\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\uff1a\r\nhttp://www.deltaww.com/Products/PluginWebUserControl/downloadCenterCounter.aspx?DID=2093\u0026DocPath=1\u0026hl=en-USl",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-12128",
  "openTime": "2018-06-27",
  "patchDescription": "Delta Industrial Automation COMMGR\u662f\u53f0\u8fbe\u7535\u5b50\uff08Delta Electronics\uff09\u516c\u53f8\u7684\u4e00\u5957\u901a\u4fe1\u7ba1\u7406\u8f6f\u4ef6\u3002\r\n\r\nDelta Industrial Automation COMMGR 1.08\u53ca\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u53d7\u5f71\u54cd\u5e94\u7528\u7a0b\u5e8f\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\u6216\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002 \u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Delta Electronics Delta Industrial Automation COMMGR\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Delta Electronics Delta Industrial Automation COMMGR \u003c=1.08",
      "Delta Electronics Delta Industrial Automation COMMGR AHSIM_5x0",
      "Delta Electronics Delta Industrial Automation COMMGR AHSIM_5x1",
      "Delta Electronics Delta Industrial Automation COMMGR DVPSimulator EH2",
      "Delta Electronics Delta Industrial Automation COMMGR DVPSimulator EH3",
      "Delta Electronics Delta Industrial Automation COMMGR DVPSimulator ES2",
      "Delta Electronics Delta Industrial Automation COMMGR DVPSimulator SE",
      "Delta Electronics Delta Industrial Automation COMMGR DVPSimulator SS2"
    ]
  },
  "referenceLink": "https://www.securityfocus.com/bid/104529",
  "serverity": "\u9ad8",
  "submitTime": "2018-06-22",
  "title": "Delta Electronics Delta Industrial Automation COMMGR\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}

CVE-2018-10594 (GCVE-0-2018-10594)

Vulnerability from cvelistv5 – Published: 2018-06-26 20:00 – Updated: 2024-09-16 16:58

Summary

Delta Industrial Automation COMMGR from Delta Electronics versions 1.08 and prior with accompanying PLC Simulators (DVPSimulator EH2, EH3, ES2, SE, SS2 and AHSIM_5x0, AHSIM_5x1) utilize a fixed-length stack buffer where an unverified length value can be read from the network packets via a specific network port, causing the buffer to be overwritten. This may allow remote code execution, cause the application to crash, or result in a denial-of-service condition in the application server.

Severity ?

No CVSS data available.

CWE

CWE-121 - STACK-BASED BUFFER OVERFLOW CWE-121

Assigner

icscert

References

URL

Tags

	http://www.securityfocus.com/bid/104529	vdb-entryx_refsource_BID
	https://www.exploit-db.com/exploits/44965/	exploitx_refsource_EXPLOIT-DB
	https://ics-cert.us-cert.gov/advisories/ICSA-18-172-01	x_refsource_MISC
	https://www.exploit-db.com/exploits/45574/	exploitx_refsource_EXPLOIT-DB

Impacted products

	Vendor	Product	Version
	ICS-CERT	Delta Industrial Automation COMMGR and accompanying PLC Simulators (DVPSimulator EH2, EH3, ES2, SE, SS2 and AHSIM_5x0, AHSIM_5x1)	Affected: Version 1.08 and prior

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T07:39:08.535Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "104529",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104529"
          },
          {
            "name": "44965",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/44965/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-172-01"
          },
          {
            "name": "45574",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/45574/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Delta Industrial Automation COMMGR and accompanying PLC Simulators (DVPSimulator EH2, EH3, ES2, SE, SS2 and AHSIM_5x0, AHSIM_5x1)",
          "vendor": "ICS-CERT",
          "versions": [
            {
              "status": "affected",
              "version": "Version 1.08 and prior"
            }
          ]
        }
      ],
      "datePublic": "2018-06-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Delta Industrial Automation COMMGR from Delta Electronics versions 1.08 and prior with accompanying PLC Simulators (DVPSimulator EH2, EH3, ES2, SE, SS2 and AHSIM_5x0, AHSIM_5x1) utilize a fixed-length stack buffer where an unverified length value can be read from the network packets via a specific network port, causing the buffer to be overwritten. This may allow remote code execution, cause the application to crash, or result in a denial-of-service condition in the application server."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "STACK-BASED BUFFER OVERFLOW CWE-121",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T09:57:01",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "name": "104529",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104529"
        },
        {
          "name": "44965",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/44965/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-172-01"
        },
        {
          "name": "45574",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/45574/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "DATE_PUBLIC": "2018-06-21T00:00:00",
          "ID": "CVE-2018-10594",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Delta Industrial Automation COMMGR and accompanying PLC Simulators (DVPSimulator EH2, EH3, ES2, SE, SS2 and AHSIM_5x0, AHSIM_5x1)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Version 1.08 and prior"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "ICS-CERT"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Delta Industrial Automation COMMGR from Delta Electronics versions 1.08 and prior with accompanying PLC Simulators (DVPSimulator EH2, EH3, ES2, SE, SS2 and AHSIM_5x0, AHSIM_5x1) utilize a fixed-length stack buffer where an unverified length value can be read from the network packets via a specific network port, causing the buffer to be overwritten. This may allow remote code execution, cause the application to crash, or result in a denial-of-service condition in the application server."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "STACK-BASED BUFFER OVERFLOW CWE-121"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "104529",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104529"
            },
            {
              "name": "44965",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/44965/"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-172-01",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-172-01"
            },
            {
              "name": "45574",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/45574/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2018-10594",
    "datePublished": "2018-06-26T20:00:00Z",
    "dateReserved": "2018-05-01T00:00:00",
    "dateUpdated": "2024-09-16T16:58:55.973Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2018-12128

CVE-2018-10594 (GCVE-0-2018-10594)

Tags

Sightings

Nomenclature