cvelistv5 - cve-2018-5452

CVE-2018-5452 (GCVE-0-2018-5452)

Vulnerability from cvelistv5 – Published: 2018-03-07 18:00 – Updated: 2024-08-05 05:33

Summary

Severity ?

No CVSS data available.

CWE

CWE-121

Assigner

icscert

References

URL

	Vendor	Product	Version
	n/a	Emerson ControlWave Micro Process Automation Controller	Affected: Emerson ControlWave Micro Process Automation Controller

GSD-2018-5452

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-5452

Aliases

CVE-2018-5452

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-5452",
    "description": "A Stack-based Buffer Overflow issue was discovered in Emerson Process Management ControlWave Micro Process Automation Controller: ControlWave Micro [ProConOS v.4.01.280] firmware: CWM v.05.78.00 and prior. A stack-based buffer overflow vulnerability caused by sending crafted packets on Port 20547 could force the PLC to change its state into halt mode.",
    "id": "GSD-2018-5452"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-5452"
      ],
      "details": "A Stack-based Buffer Overflow issue was discovered in Emerson Process Management ControlWave Micro Process Automation Controller: ControlWave Micro [ProConOS v.4.01.280] firmware: CWM v.05.78.00 and prior. A stack-based buffer overflow vulnerability caused by sending crafted packets on Port 20547 could force the PLC to change its state into halt mode.",
      "id": "GSD-2018-5452",
      "modified": "2023-12-13T01:22:39.748987Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "ics-cert@hq.dhs.gov",
        "ID": "CVE-2018-5452",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Emerson ControlWave Micro Process Automation Controller",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Emerson ControlWave Micro Process Automation Controller"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A Stack-based Buffer Overflow issue was discovered in Emerson Process Management ControlWave Micro Process Automation Controller: ControlWave Micro [ProConOS v.4.01.280] firmware: CWM v.05.78.00 and prior. A stack-based buffer overflow vulnerability caused by sending crafted packets on Port 20547 could force the PLC to change its state into halt mode."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-121"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "103180",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/103180"
          },
          {
            "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-058-03",
            "refsource": "MISC",
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-058-03"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:emerson:controlwave_micro_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "05.78.00",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:emerson:controlwave_micro:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2018-5452"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A Stack-based Buffer Overflow issue was discovered in Emerson Process Management ControlWave Micro Process Automation Controller: ControlWave Micro [ProConOS v.4.01.280] firmware: CWM v.05.78.00 and prior. A stack-based buffer overflow vulnerability caused by sending crafted packets on Port 20547 could force the PLC to change its state into halt mode."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-787"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-058-03",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-058-03"
            },
            {
              "name": "103180",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/103180"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2020-09-18T16:07Z",
      "publishedDate": "2018-03-07T18:29Z"
    }
  }
}

FKIE_CVE-2018-5452

Vulnerability from fkie_nvd - Published: 2018-03-07 18:29 - Updated: 2024-11-21 04:08

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
ics-cert@hq.dhs.gov	http://www.securityfocus.com/bid/103180	Third Party Advisory, VDB Entry
ics-cert@hq.dhs.gov	https://ics-cert.us-cert.gov/advisories/ICSA-18-058-03	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/103180	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://ics-cert.us-cert.gov/advisories/ICSA-18-058-03	Third Party Advisory, US Government Resource

Impacted products

	Vendor	Product	Version
	emerson	controlwave_micro_firmware	*
	emerson	controlwave_micro	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:emerson:controlwave_micro_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "595E74E3-4A5D-4C14-AFFF-0C6C940D69BD",
              "versionEndIncluding": "05.78.00",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:emerson:controlwave_micro:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FC7C433-A42D-4FBA-9F79-F3923153ABF1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A Stack-based Buffer Overflow issue was discovered in Emerson Process Management ControlWave Micro Process Automation Controller: ControlWave Micro [ProConOS v.4.01.280] firmware: CWM v.05.78.00 and prior. A stack-based buffer overflow vulnerability caused by sending crafted packets on Port 20547 could force the PLC to change its state into halt mode."
    },
    {
      "lang": "es",
      "value": "Se ha descubierto un problema de desbordamiento de b\u00fafer basado en pila en Emerson Process Management ControlWave Micro Process Automation Controller: ControlWave Micro [ProConOS v.4.01.280] con firmware: CWM v.05.78.00 y anteriores. Una vulnerabilidad de desbordamiento de b\u00fafer basado en pila provocada por el env\u00edo de paquetes manipulados en el puerto 20547 podr\u00eda forzar al PLC a cambiar su estado a modo halt (detenci\u00f3n)."
    }
  ],
  "id": "CVE-2018-5452",
  "lastModified": "2024-11-21T04:08:49.783",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-03-07T18:29:00.483",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103180"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-058-03"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103180"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-058-03"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-121"
        }
      ],
      "source": "ics-cert@hq.dhs.gov",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-XQ5R-4H6F-R3GP

Vulnerability from github – Published: 2022-05-13 01:16 – Updated: 2022-05-13 01:16

Details

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-5452"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-03-07T18:29:00Z",
    "severity": "HIGH"
  },
  "details": "A Stack-based Buffer Overflow issue was discovered in Emerson Process Management ControlWave Micro Process Automation Controller: ControlWave Micro [ProConOS v.4.01.280] firmware: CWM v.05.78.00 and prior. A stack-based buffer overflow vulnerability caused by sending crafted packets on Port 20547 could force the PLC to change its state into halt mode.",
  "id": "GHSA-xq5r-4h6f-r3gp",
  "modified": "2022-05-13T01:16:13Z",
  "published": "2022-05-13T01:16:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5452"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-058-03"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/103180"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

ICSA-18-058-03

Vulnerability from csaf_cisa - Published: 2018-02-27 00:00 - Updated: 2018-02-27 00:00

Summary

Emerson ControlWave Micro Process Automation Controller

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

ATTENTION: Remotely exploitable/low skill level to exploit.

Critical infrastructure sectors

Energy, Water and Wastewater Systems

Countries/areas deployed

Worldwide

Company headquarters location

Minnesota, USA

Recommended Practices

NCCIC recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should: Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet; Locate control system networks and remote devices behind firewalls, and isolate them from the business network; When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.

Recommended Practices

NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available in the NCCIC Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT website.

Recommended Practices

Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.

Exploitability

No known public exploits specifically target this vulnerability.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Younes Dragoni"
        ],
        "organization": "Nozomi Networks",
        "summary": "reporting this vulnerability to NCCIC"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "ATTENTION: Remotely exploitable/low skill level to exploit.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Energy, Water and Wastewater Systems",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Minnesota, USA",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "NCCIC recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should: Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet; Locate control system networks and remote devices behind firewalls, and isolate them from the business network; When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available in the NCCIC Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT website.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target this vulnerability.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-18-058-03 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2018/icsa-18-058-03.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-18-058-03 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-058-03"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/"
      }
    ],
    "title": "Emerson ControlWave Micro Process Automation Controller",
    "tracking": {
      "current_release_date": "2018-02-27T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-18-058-03",
      "initial_release_date": "2018-02-27T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2018-02-27T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-18-058-03 Emerson ControlWave Micro Process Automation Controller"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=05.78.00",
                "product": {
                  "name": "ControlWave Micro [ProConOS v.4.01.280] firmware: CWM v.05.78.00 and prior",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "ControlWave Micro [ProConOS v.4.01.280] firmware"
          }
        ],
        "category": "vendor",
        "name": "Emerson"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-5452",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A stack-based buffer overflow vulnerability caused by sending crafted packets on Port 20547 could force the PLC to change its state into halt mode. CVE-2018-5452 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5452"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Assess which ControlWave products in your organization have Ethernet connectivity.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Upgrade the affected devices to firmware version 05.79.00 to correct this possible action. System firmware upgrade instructions are available in product documentation (ControlWave Micro Process Automation Controller Instruction Manual, part D301392X012).",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "http://www3.emersonprocess.com/remote/support/v2/login.html"
        },
        {
          "category": "mitigation",
          "details": "The resolution described is available only to the user when appropriately incorporated into the application running in ControlWave Micro firmware.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Prior to upgrading the system firmware, always perform a full alarm and historical collection (archive files as well as audit logs).",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "The release notes and firmware upgrade are available to registered users at the following link:",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "http://www3.emersonprocess.com/remote/support/v2/login.html"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    }
  ]
}

VAR-201803-2080

Vulnerability from variot - Updated: 2023-12-18 13:13

A Stack-based Buffer Overflow issue was discovered in Emerson Process Management ControlWave Micro Process Automation Controller: ControlWave Micro [ProConOS v.4.01.280] firmware: CWM v.05.78.00 and prior. A stack-based buffer overflow vulnerability caused by sending crafted packets on Port 20547 could force the PLC to change its state into halt mode. The ControlWave Micro is a highly programmable controller that combines the unique features of a programmable logic controller (PLC) and remote measurement and control terminal (RTU) in a single hybrid controller. An attacker can exploit this issue to cause a denial-of-service condition. Due to the nature of this issue, code execution may be possible but this has not been confirmed

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201803-2080",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "controlwave micro",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "emerson",
        "version": "05.78.00"
      },
      {
        "model": "controlwave micro",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "emerson",
        "version": "cwm v.05.78.00"
      },
      {
        "model": "process management lllp controlwave micro process automation controller",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "emerson",
        "version": "\u003c=v.05.78.00"
      },
      {
        "model": "controlwave micro",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "emerson",
        "version": "05.78.00"
      },
      {
        "model": "controlwave micro process automation controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "emerson",
        "version": "05.78.00"
      },
      {
        "model": "controlwave micro process automation controller",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "emerson",
        "version": "05.79.00"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "controlwave micro",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2e43bee-39ab-11e9-a765-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-03769"
      },
      {
        "db": "BID",
        "id": "103180"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002689"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-5452"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-192"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:emerson:controlwave_micro_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "05.78.00",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:emerson:controlwave_micro:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-5452"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Wang Yan",
    "sources": [
      {
        "db": "BID",
        "id": "103180"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2018-5452",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 5.0,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2018-5452",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2018-03769",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "e2e43bee-39ab-11e9-a765-000c29342cb1",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-135483",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2018-5452",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2018-5452",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-03769",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201803-192",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "e2e43bee-39ab-11e9-a765-000c29342cb1",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-135483",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2e43bee-39ab-11e9-a765-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-03769"
      },
      {
        "db": "VULHUB",
        "id": "VHN-135483"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002689"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-5452"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-192"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A Stack-based Buffer Overflow issue was discovered in Emerson Process Management ControlWave Micro Process Automation Controller: ControlWave Micro [ProConOS v.4.01.280] firmware: CWM v.05.78.00 and prior. A stack-based buffer overflow vulnerability caused by sending crafted packets on Port 20547 could force the PLC to change its state into halt mode. The ControlWave Micro is a highly programmable controller that combines the unique features of a programmable logic controller (PLC) and remote measurement and control terminal (RTU) in a single hybrid controller. \nAn attacker can exploit this issue to cause a denial-of-service condition. Due to the nature of this issue, code execution may be possible but this has not been confirmed",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-5452"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002689"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-03769"
      },
      {
        "db": "BID",
        "id": "103180"
      },
      {
        "db": "IVD",
        "id": "e2e43bee-39ab-11e9-a765-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-135483"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-5452",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-058-03",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "103180",
        "trust": 2.0
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-03769",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-192",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002689",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "E2E43BEE-39AB-11E9-A765-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-99007",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-135483",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2e43bee-39ab-11e9-a765-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-03769"
      },
      {
        "db": "VULHUB",
        "id": "VHN-135483"
      },
      {
        "db": "BID",
        "id": "103180"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002689"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-5452"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-192"
      }
    ]
  },
  "id": "VAR-201803-2080",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e2e43bee-39ab-11e9-a765-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-03769"
      },
      {
        "db": "VULHUB",
        "id": "VHN-135483"
      }
    ],
    "trust": 1.65
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2e43bee-39ab-11e9-a765-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-03769"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:13:56.065000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "ControlWave PAC - Process Automation Controller",
        "trust": 0.8,
        "url": "http://www2.emersonprocess.com/en-us/brands/controlwave/scada-rtus/process_automation_controller/pages/process_automation_controller.aspx"
      },
      {
        "title": "Emerson ControlWave Micro Process Automation Controller Buffer Overflow Vulnerability Patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/119169"
      },
      {
        "title": "Emerson Process Management ControlWave Micro Process Automation Controller Buffer error vulnerability fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=78950"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-03769"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002689"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-192"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-787",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-119",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-135483"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002689"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-5452"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.4,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-058-03"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/103180"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5452"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-5452"
      },
      {
        "trust": 0.3,
        "url": "http://emerson.com"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-03769"
      },
      {
        "db": "VULHUB",
        "id": "VHN-135483"
      },
      {
        "db": "BID",
        "id": "103180"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002689"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-5452"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-192"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "e2e43bee-39ab-11e9-a765-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-03769"
      },
      {
        "db": "VULHUB",
        "id": "VHN-135483"
      },
      {
        "db": "BID",
        "id": "103180"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002689"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-5452"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-192"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-02-28T00:00:00",
        "db": "IVD",
        "id": "e2e43bee-39ab-11e9-a765-000c29342cb1"
      },
      {
        "date": "2018-02-28T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-03769"
      },
      {
        "date": "2018-03-07T00:00:00",
        "db": "VULHUB",
        "id": "VHN-135483"
      },
      {
        "date": "2018-02-27T00:00:00",
        "db": "BID",
        "id": "103180"
      },
      {
        "date": "2018-04-24T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-002689"
      },
      {
        "date": "2018-03-07T18:29:00.483000",
        "db": "NVD",
        "id": "CVE-2018-5452"
      },
      {
        "date": "2018-03-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201803-192"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-02-28T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-03769"
      },
      {
        "date": "2020-09-18T00:00:00",
        "db": "VULHUB",
        "id": "VHN-135483"
      },
      {
        "date": "2018-02-27T00:00:00",
        "db": "BID",
        "id": "103180"
      },
      {
        "date": "2018-04-24T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-002689"
      },
      {
        "date": "2020-09-18T16:07:26.397000",
        "db": "NVD",
        "id": "CVE-2018-5452"
      },
      {
        "date": "2020-09-22T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201803-192"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-192"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Emerson ControlWave Micro Process Automation Controller Buffer Overflow Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "e2e43bee-39ab-11e9-a765-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-03769"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer error",
    "sources": [
      {
        "db": "IVD",
        "id": "e2e43bee-39ab-11e9-a765-000c29342cb1"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-192"
      }
    ],
    "trust": 0.8
  }
}

CNVD-2018-03769

Vulnerability from cnvd - Published: 2018-02-28

Title

Emerson ControlWave Micro Process Automation Controller缓冲区溢出漏洞

Description

ControlWave Micro为一款高度可编程控制器，该控制器将可编程逻辑控制器(PLC)和远程测控终端(RTU)的独特功能集中在一个混合控制器内。 Emerson ControlWave Micro Process Automation Controller存在缓冲区溢出漏洞，通过在端口20547上发送精心设计的数据包，攻击者可利用漏洞强制PLC将其状态更改为暂停模式。

Severity

高

Patch Name

Emerson ControlWave Micro Process Automation Controller缓冲区溢出漏洞的补丁

Patch Description

Formal description

目前厂商已经发布了升级补丁已修复这个安全问题，请到厂商的主页下载： http://www3.emersonprocess.com/remote/support/v2/login.html

Reference

https://ics-cert.us-cert.gov/advisories/ICSA-18-058-03

Impacted products

Name
Emerson Process Management LLLP ControlWave Micro Process Automation Controller <=v.05.78.00

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-5452"
    }
  },
  "description": "ControlWave Micro\u4e3a\u4e00\u6b3e\u9ad8\u5ea6\u53ef\u7f16\u7a0b\u63a7\u5236\u5668\uff0c\u8be5\u63a7\u5236\u5668\u5c06\u53ef\u7f16\u7a0b\u903b\u8f91\u63a7\u5236\u5668(PLC)\u548c\u8fdc\u7a0b\u6d4b\u63a7\u7ec8\u7aef(RTU)\u7684\u72ec\u7279\u529f\u80fd\u96c6\u4e2d\u5728\u4e00\u4e2a\u6df7\u5408\u63a7\u5236\u5668\u5185\u3002\r\n\r\nEmerson ControlWave Micro Process Automation Controller\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u901a\u8fc7\u5728\u7aef\u53e320547\u4e0a\u53d1\u9001\u7cbe\u5fc3\u8bbe\u8ba1\u7684\u6570\u636e\u5305\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u5f3a\u5236PLC\u5c06\u5176\u72b6\u6001\u66f4\u6539\u4e3a\u6682\u505c\u6a21\u5f0f\u3002",
  "discovererName": "Younes Dragoni of Nozomi Networks",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u5df2\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\nhttp://www3.emersonprocess.com/remote/support/v2/login.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-03769",
  "openTime": "2018-02-28",
  "patchDescription": "ControlWave Micro\u4e3a\u4e00\u6b3e\u9ad8\u5ea6\u53ef\u7f16\u7a0b\u63a7\u5236\u5668\uff0c\u8be5\u63a7\u5236\u5668\u5c06\u53ef\u7f16\u7a0b\u903b\u8f91\u63a7\u5236\u5668(PLC)\u548c\u8fdc\u7a0b\u6d4b\u63a7\u7ec8\u7aef(RTU)\u7684\u72ec\u7279\u529f\u80fd\u96c6\u4e2d\u5728\u4e00\u4e2a\u6df7\u5408\u63a7\u5236\u5668\u5185\u3002\r\n\r\nEmerson ControlWave Micro Process Automation Controller\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u901a\u8fc7\u5728\u7aef\u53e320547\u4e0a\u53d1\u9001\u7cbe\u5fc3\u8bbe\u8ba1\u7684\u6570\u636e\u5305\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u5f3a\u5236PLC\u5c06\u5176\u72b6\u6001\u66f4\u6539\u4e3a\u6682\u505c\u6a21\u5f0f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Emerson ControlWave Micro Process Automation Controller\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Emerson Process Management LLLP ControlWave Micro Process Automation Controller \u003c=v.05.78.00"
  },
  "referenceLink": "https://ics-cert.us-cert.gov/advisories/ICSA-18-058-03",
  "serverity": "\u9ad8",
  "submitTime": "2018-02-28",
  "title": "Emerson ControlWave Micro Process Automation Controller\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-5452 (GCVE-0-2018-5452)

GSD-2018-5452

FKIE_CVE-2018-5452

GHSA-XQ5R-4H6F-R3GP

ICSA-18-058-03

VAR-201803-2080

CNVD-2018-03769

Tags

Sightings

Nomenclature