cvelistv5 - cve-2018-14827

CVE-2018-14827 (GCVE-0-2018-14827)

Vulnerability from cvelistv5 – Published: 2018-09-20 20:00 – Updated: 2024-09-16 19:14

Summary

Severity ?

No CVSS data available.

CWE

CWE-400 - UNCONTROLLED RESOURCE CONSUMPTION ('RESOURCE EXHAUSTION') CWE-400

Assigner

icscert

References

URL

	Vendor	Product	Version
	Rockwell Automation	RSLinx Classic	Affected: 4.00.01 and prior

ICSA-18-263-02

Vulnerability from csaf_cisa - Published: 2018-09-20 00:00 - Updated: 2018-09-20 00:00

Summary

Rockwell Automation RSLinx Classic

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

Successful exploitation of these vulnerabilities could crash the device being accessed or allow arbitrary code execution on the device.

Critical infrastructure sectors

Critical Manufacturing, Energy, Water and Wastewater Systems

Countries/areas deployed

Worldwide

Company headquarters location

United States

Recommended Practices

NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:

Recommended Practices

NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.

Exploitability

No known public exploits specifically target these vulnerabilities.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Rockwell Automation",
        "summary": "reporting these vulnerabilities to NCCIC"
      },
      {
        "organization": "Tenable",
        "summary": "reporting these vulnerabilities to NCCIC"
      },
      {
        "names": [
          "Younes Dragoni",
          "Alessandro Di Pinto"
        ],
        "organization": "Nozomi Networks",
        "summary": "reporting these vulnerabilities to NCCIC"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of these vulnerabilities could crash the device being accessed or allow arbitrary code execution on the device.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Critical Manufacturing, Energy, Water and Wastewater Systems",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "United States",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target these vulnerabilities.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-18-263-02 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2018/icsa-18-263-02.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-18-263-02 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-263-02"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      }
    ],
    "title": "Rockwell Automation RSLinx Classic",
    "tracking": {
      "current_release_date": "2018-09-20T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-18-263-02",
      "initial_release_date": "2018-09-20T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2018-09-20T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-18-263-02 Rockwell Automation RSLinx Classic"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c= 4.00.01",
                "product": {
                  "name": "RSLinx Classic: Versions 4.00.01 and prior",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "RSLinx Classic"
          }
        ],
        "category": "vendor",
        "name": "Rockwell Automation"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-14829",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "This vulnerability may allow a remote threat actor to intentionally send a malformed CIP packet to Port 44818, causing the software application to stop responding and crash. This vulnerability also has the potential to exploit a buffer overflow condition, which may allow the threat actor to remotely execute arbitrary code.CVE-2018-14829 has been assigned to this vulnerability. A CVSS v3 base score of 10.0 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-14829"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Rockwell Automation has released a new version of the software that can found at Rockwell Automation knowledgebase article KB 1075712",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1075712"
        },
        {
          "category": "mitigation",
          "details": "Rockwell Automation also reports that users can disable Port 44818 if it is not utilized during system operation. For more details on how to disable the port and for Rockwell Automation\u0027s general security guidelines, please visit knowledgebase article KB 1075747 (login is required)",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1075747"
        },
        {
          "category": "mitigation",
          "details": "Please see Rockwell Automation\u0027s industrial security advisory at the following location on their website for further details (login is required)",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1075747"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 10.0,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2018-14821",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "This vulnerability may allow a remote, unauthenticated threat actor to intentionally send a malformed CIP packet to Port 44818, causing the RSLinx Classic application to terminate. The user will need to manually restart the software to regain functionality.CVE-2018-14821 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-14821"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Rockwell Automation has released a new version of the software that can found at Rockwell Automation knowledgebase article KB 1075712",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1075712"
        },
        {
          "category": "mitigation",
          "details": "Rockwell Automation also reports that users can disable Port 44818 if it is not utilized during system operation. For more details on how to disable the port and for Rockwell Automation\u0027s general security guidelines, please visit knowledgebase article KB 1075747 (login is required)",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1075747"
        },
        {
          "category": "mitigation",
          "details": "Please see Rockwell Automation\u0027s industrial security advisory at the following location on their website for further details (login is required)",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1075747"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2018-14827",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A remote, unauthenticated threat actor may intentionally send specially crafted Ethernet/IP packets to Port 44818, causing the software application to stop responding and crash. The user must restart the software to regain functionality.CVE-2018-14827 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-14827"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Rockwell Automation has released a new version of the software that can found at Rockwell Automation knowledgebase article KB 1075712",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1075712"
        },
        {
          "category": "mitigation",
          "details": "Rockwell Automation also reports that users can disable Port 44818 if it is not utilized during system operation. For more details on how to disable the port and for Rockwell Automation\u0027s general security guidelines, please visit knowledgebase article KB 1075747 (login is required)",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1075747"
        },
        {
          "category": "mitigation",
          "details": "Please see Rockwell Automation\u0027s industrial security advisory at the following location on their website for further details (login is required)",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1075747"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    }
  ]
}

CNVD-2019-09766

Vulnerability from cnvd - Published: 2019-04-12

Title

Rockwell Automation RSLinx Classic拒绝服务漏洞（CNVD-2019-09766）

Description

Rockwell Automation RSLinx Classic是美国罗克韦尔（Rockwell Automation）公司的一套工厂通信解决方案。该方案支持通过Allen-Bradley可编程控制器访问Rockwell Software和Allen-Bradley应用程序等。 Rockwell Automation RSLinx Classic 4.00.01及之前版本中存在拒绝服务漏洞，远程攻击者可通过向44818端口发送特制的Ethernet/IP数据包利用该漏洞造成应用程序停止响应并造成其崩溃。

Severity

中

Patch Name

Rockwell Automation RSLinx Classic拒绝服务漏洞（CNVD-2019-09766）的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1075712

Reference

https://nvd.nist.gov/vuln/detail/CVE-2018-14827

Impacted products

Name
Rockwall Automation RSLinx Classic <=4.00.01

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-14827"
    }
  },
  "description": "Rockwell Automation RSLinx Classic\u662f\u7f8e\u56fd\u7f57\u514b\u97e6\u5c14\uff08Rockwell Automation\uff09\u516c\u53f8\u7684\u4e00\u5957\u5de5\u5382\u901a\u4fe1\u89e3\u51b3\u65b9\u6848\u3002\u8be5\u65b9\u6848\u652f\u6301\u901a\u8fc7Allen-Bradley\u53ef\u7f16\u7a0b\u63a7\u5236\u5668\u8bbf\u95eeRockwell Software\u548cAllen-Bradley\u5e94\u7528\u7a0b\u5e8f\u7b49\u3002\n\nRockwell Automation RSLinx Classic 4.00.01\u53ca\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u541144818\u7aef\u53e3\u53d1\u9001\u7279\u5236\u7684Ethernet/IP\u6570\u636e\u5305\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u5e94\u7528\u7a0b\u5e8f\u505c\u6b62\u54cd\u5e94\u5e76\u9020\u6210\u5176\u5d29\u6e83\u3002",
  "discovererName": "unknown",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://rockwellautomation.custhelp.com/app/answers/detail/a_id/1075712",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-09766",
  "openTime": "2019-04-12",
  "patchDescription": "Rockwell Automation RSLinx Classic\u662f\u7f8e\u56fd\u7f57\u514b\u97e6\u5c14\uff08Rockwell Automation\uff09\u516c\u53f8\u7684\u4e00\u5957\u5de5\u5382\u901a\u4fe1\u89e3\u51b3\u65b9\u6848\u3002\u8be5\u65b9\u6848\u652f\u6301\u901a\u8fc7Allen-Bradley\u53ef\u7f16\u7a0b\u63a7\u5236\u5668\u8bbf\u95eeRockwell Software\u548cAllen-Bradley\u5e94\u7528\u7a0b\u5e8f\u7b49\u3002\r\n\r\nRockwell Automation RSLinx Classic 4.00.01\u53ca\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u541144818\u7aef\u53e3\u53d1\u9001\u7279\u5236\u7684Ethernet/IP\u6570\u636e\u5305\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u5e94\u7528\u7a0b\u5e8f\u505c\u6b62\u54cd\u5e94\u5e76\u9020\u6210\u5176\u5d29\u6e83\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Rockwell Automation RSLinx Classic\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2019-09766\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Rockwall Automation RSLinx Classic \u003c=4.00.01"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2018-14827",
  "serverity": "\u4e2d",
  "submitTime": "2018-09-21",
  "title": "Rockwell Automation RSLinx Classic\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2019-09766\uff09"
}

FKIE_CVE-2018-14827

Vulnerability from fkie_nvd - Published: 2018-09-20 19:29 - Updated: 2024-11-21 03:49

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

	URL	Tags
	ics-cert@hq.dhs.gov	https://ics-cert.us-cert.gov/advisories/ICSA-18-263-02	Third Party Advisory, US Government Resource
	af854a3a-2127-422b-91ae-364da2661108	https://ics-cert.us-cert.gov/advisories/ICSA-18-263-02	Third Party Advisory, US Government Resource

Impacted products

	Vendor	Product	Version
	rockwellautomation	rslinx	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:rockwellautomation:rslinx:*:*:*:*:classic:*:*:*",
              "matchCriteriaId": "8A2F3687-1906-476D-9947-B4A02AAA1E24",
              "versionEndIncluding": "4.00.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. A remote, unauthenticated threat actor may intentionally send specially crafted Ethernet/IP packets to Port 44818, causing the software application to stop responding and crash. The user must restart the software to regain functionality."
    },
    {
      "lang": "es",
      "value": "Rockwell Automation RSLinx Classic en versiones 4.00.01 y anteriores. Un actor de amenaza remoto no autenticado podr\u00eda enviar de forma intencionada paquetes Ethernet/IP al puerto 44818, lo que provoca que la aplicaci\u00f3n del software deje de responder y se cierre inesperadamente. El usuario necesitar\u00e1 reiniciar el software para recuperar la funcionalidad."
    }
  ],
  "id": "CVE-2018-14827",
  "lastModified": "2024-11-21T03:49:52.867",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-09-20T19:29:00.580",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-263-02"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-263-02"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "ics-cert@hq.dhs.gov",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-201809-0160

Vulnerability from variot - Updated: 2023-12-18 13:23

Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. A remote, unauthenticated threat actor may intentionally send specially crafted Ethernet/IP packets to Port 44818, causing the software application to stop responding and crash. The user must restart the software to regain functionality. The solution supports access to Rockwell Software and Allen-Bradley applications via Allen-Bradley programmable controllers. A stack-based buffer-overflow vulnerability. 2. A heap-based buffer-overflow vulnerability. 3. A denial-of-service vulnerability. Attackers can exploit these issues to execute arbitrary code, obtain sensitive information or cause the affected application to crash

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201809-0160",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "rslinx",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "rockwellautomation",
        "version": "4.00.01"
      },
      {
        "model": "rslinx classic",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "rockwell automation",
        "version": "4.00.01"
      },
      {
        "model": "automation rslinx classic",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "rockwall",
        "version": "\u003c=4.00.01"
      },
      {
        "model": "rslinx",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "rockwellautomation",
        "version": "4.00.01"
      },
      {
        "model": "automation rslinx classic",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "rockwell",
        "version": "4.00.01"
      },
      {
        "model": "automation rslinx classic",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "rockwell",
        "version": "3.90.01"
      },
      {
        "model": "automation rslinx classic",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "rockwell",
        "version": "3.73.00"
      },
      {
        "model": "automation rslinx classic",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "rockwell",
        "version": "3.72.00"
      },
      {
        "model": "automation rslinx classic",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "rockwell",
        "version": "1.0.5.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "rslinx",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5b48244a-d5d3-4be0-aa54-a054132fcf9e"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-09766"
      },
      {
        "db": "BID",
        "id": "108501"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010788"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-14827"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201809-949"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:rockwellautomation:rslinx:*:*:*:*:classic:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.00.01",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-14827"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Tenable and Younes Dragoni and Alessandro Di Pinto of Nozomi Networks",
    "sources": [
      {
        "db": "BID",
        "id": "108501"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2018-14827",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 5.0,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2018-14827",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2019-09766",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "5b48244a-d5d3-4be0-aa54-a054132fcf9e",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-125025",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2018-14827",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2018-14827",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2019-09766",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201809-949",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "5b48244a-d5d3-4be0-aa54-a054132fcf9e",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-125025",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5b48244a-d5d3-4be0-aa54-a054132fcf9e"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-09766"
      },
      {
        "db": "VULHUB",
        "id": "VHN-125025"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010788"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-14827"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201809-949"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. A remote, unauthenticated threat actor may intentionally send specially crafted Ethernet/IP packets to Port 44818, causing the software application to stop responding and crash. The user must restart the software to regain functionality. The solution supports access to Rockwell Software and Allen-Bradley applications via Allen-Bradley programmable controllers. A stack-based buffer-overflow vulnerability. \n2. A heap-based buffer-overflow vulnerability. \n3. A denial-of-service vulnerability. \nAttackers can exploit these issues to execute arbitrary code, obtain sensitive information or cause the affected application to crash",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-14827"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010788"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-09766"
      },
      {
        "db": "BID",
        "id": "108501"
      },
      {
        "db": "IVD",
        "id": "5b48244a-d5d3-4be0-aa54-a054132fcf9e"
      },
      {
        "db": "VULHUB",
        "id": "VHN-125025"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-14827",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-263-02",
        "trust": 2.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201809-949",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-09766",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010788",
        "trust": 0.8
      },
      {
        "db": "BID",
        "id": "108501",
        "trust": 0.3
      },
      {
        "db": "IVD",
        "id": "5B48244A-D5D3-4BE0-AA54-A054132FCF9E",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-125025",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5b48244a-d5d3-4be0-aa54-a054132fcf9e"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-09766"
      },
      {
        "db": "VULHUB",
        "id": "VHN-125025"
      },
      {
        "db": "BID",
        "id": "108501"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010788"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-14827"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201809-949"
      }
    ]
  },
  "id": "VAR-201809-0160",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "5b48244a-d5d3-4be0-aa54-a054132fcf9e"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-09766"
      },
      {
        "db": "VULHUB",
        "id": "VHN-125025"
      }
    ],
    "trust": 1.47843137
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5b48244a-d5d3-4be0-aa54-a054132fcf9e"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-09766"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:23:58.062000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "RSLinx",
        "trust": 0.8,
        "url": "https://www.rockwellautomation.com/rockwellsoftware/products/rslinx.page"
      },
      {
        "title": "Patch for Rockwell Automation RSLinx Classic Denial of Service Vulnerability (CNVD-2019-09766)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/158513"
      },
      {
        "title": "Rockwell Automation RSLinx Classic Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=85064"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-09766"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010788"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201809-949"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-400",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-125025"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010788"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-14827"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.8,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-263-02"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-14827"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-14827"
      },
      {
        "trust": 0.3,
        "url": "https://www.rockwellautomation.com/en_in/overview.page"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-09766"
      },
      {
        "db": "VULHUB",
        "id": "VHN-125025"
      },
      {
        "db": "BID",
        "id": "108501"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010788"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-14827"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201809-949"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "5b48244a-d5d3-4be0-aa54-a054132fcf9e"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-09766"
      },
      {
        "db": "VULHUB",
        "id": "VHN-125025"
      },
      {
        "db": "BID",
        "id": "108501"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010788"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-14827"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201809-949"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-04-12T00:00:00",
        "db": "IVD",
        "id": "5b48244a-d5d3-4be0-aa54-a054132fcf9e"
      },
      {
        "date": "2019-04-12T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-09766"
      },
      {
        "date": "2018-09-20T00:00:00",
        "db": "VULHUB",
        "id": "VHN-125025"
      },
      {
        "date": "2018-09-20T00:00:00",
        "db": "BID",
        "id": "108501"
      },
      {
        "date": "2018-12-21T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-010788"
      },
      {
        "date": "2018-09-20T19:29:00.580000",
        "db": "NVD",
        "id": "CVE-2018-14827"
      },
      {
        "date": "2018-09-21T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201809-949"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-04-12T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-09766"
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-125025"
      },
      {
        "date": "2018-09-20T00:00:00",
        "db": "BID",
        "id": "108501"
      },
      {
        "date": "2018-12-21T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-010788"
      },
      {
        "date": "2019-10-09T23:35:17.857000",
        "db": "NVD",
        "id": "CVE-2018-14827"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201809-949"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201809-949"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Rockwell Automation RSLinx Classic Vulnerabilities related to resource exhaustion",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010788"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Resource management error",
    "sources": [
      {
        "db": "IVD",
        "id": "5b48244a-d5d3-4be0-aa54-a054132fcf9e"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201809-949"
      }
    ],
    "trust": 0.8
  }
}

GHSA-X977-8678-7C9X

Vulnerability from github – Published: 2022-05-13 01:34 – Updated: 2022-05-13 01:34

Details

Severity ?

7.5 (High)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-14827"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-09-20T19:29:00Z",
    "severity": "HIGH"
  },
  "details": "Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. A remote, unauthenticated threat actor may intentionally send specially crafted Ethernet/IP packets to Port 44818, causing the software application to stop responding and crash. The user must restart the software to regain functionality.",
  "id": "GHSA-x977-8678-7c9x",
  "modified": "2022-05-13T01:34:24Z",
  "published": "2022-05-13T01:34:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14827"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-263-02"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2018-14827

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-14827

Aliases

CVE-2018-14827

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-14827",
    "description": "Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. A remote, unauthenticated threat actor may intentionally send specially crafted Ethernet/IP packets to Port 44818, causing the software application to stop responding and crash. The user must restart the software to regain functionality.",
    "id": "GSD-2018-14827"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-14827"
      ],
      "details": "Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. A remote, unauthenticated threat actor may intentionally send specially crafted Ethernet/IP packets to Port 44818, causing the software application to stop responding and crash. The user must restart the software to regain functionality.",
      "id": "GSD-2018-14827",
      "modified": "2023-12-13T01:22:38.255894Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "ics-cert@hq.dhs.gov",
        "DATE_PUBLIC": "2018-09-20T00:00:00",
        "ID": "CVE-2018-14827",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "RSLinx Classic",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "4.00.01 and prior"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Rockwell Automation"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. A remote, unauthenticated threat actor may intentionally send specially crafted Ethernet/IP packets to Port 44818, causing the software application to stop responding and crash. The user must restart the software to regain functionality."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "UNCONTROLLED RESOURCE CONSUMPTION (\u0027RESOURCE EXHAUSTION\u0027) CWE-400"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-263-02",
            "refsource": "MISC",
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-263-02"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:rockwellautomation:rslinx:*:*:*:*:classic:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.00.01",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2018-14827"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. A remote, unauthenticated threat actor may intentionally send specially crafted Ethernet/IP packets to Port 44818, causing the software application to stop responding and crash. The user must restart the software to regain functionality."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-263-02",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-263-02"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2019-10-09T23:35Z",
      "publishedDate": "2018-09-20T19:29Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-14827 (GCVE-0-2018-14827)

ICSA-18-263-02

CNVD-2019-09766

FKIE_CVE-2018-14827

VAR-201809-0160

GHSA-X977-8678-7C9X

GSD-2018-14827

Tags

Sightings

Nomenclature