cvelistv5 - cve-2018-5457

CVE-2018-5457 (GCVE-0-2018-5457)

Vulnerability from cvelistv5 – Published: 2018-02-06 20:00 – Updated: 2024-08-05 05:33

Summary

Severity ?

No CVSS data available.

CWE

CWE-427

Assigner

icscert

References

URL

	Vendor	Product	Version
	n/a	Vyaire Medical CareFusion Upgrade Utility Vulnerability	Affected: Vyaire Medical CareFusion Upgrade Utility Vulnerability

GHSA-2R6V-6PXX-64X8

Vulnerability from github – Published: 2022-05-13 01:32 – Updated: 2022-05-13 01:32

Details

Severity ?

7.0 (High)


                  
                    CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-5457"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-427"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-02-06T21:29:00Z",
    "severity": "HIGH"
  },
  "details": "A uncontrolled search path element issue was discovered in Vyaire Medical CareFusion Upgrade Utility used with Windows XP systems, Versions 2.0.2.2 and prior versions. A successful exploit of this vulnerability requires the local user to install a crafted DLL on the target machine. The application loads the DLL and gives the attacker access at the same privilege level as the application.",
  "id": "GHSA-2r6v-6pxx-64x8",
  "modified": "2022-05-13T01:32:08Z",
  "published": "2022-05-13T01:32:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5457"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-01"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/102983"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

ICSMA-18-037-01

Vulnerability from csaf_cisa - Published: 2018-02-06 00:00 - Updated: 2018-02-06 00:00

Summary

Vyaire Medical CareFusion Upgrade Utility Vulnerability

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

Independent researcher Mark Cross (@xerubus) has identified an uncontrolled search path element vulnerability in Vyaire Medical 's CareFusion Upgrade Utility application. Vyaire Medical has produced an update that mitigates this vulnerability.

Recommended Practices

NCCIC recommends that users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:

Recommended Practices

NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available in the NCCIC Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.

Recommended Practices

Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.

Recommended Practices

In addition, NCCIC recommends that users take the following measures to protect themselves from social engineering attacks:

Exploitability

No known public exploits specifically target this vulnerability.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Mark Cross (@xerubus)"
        ],
        "summary": "identifying an uncontrolled search path element vulnerability in Vyaire Medical \u0027s CareFusion Upgrade Utility application. Vyaire Medical has produced an update that mitigates this vulnerability"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Independent researcher Mark Cross (@xerubus) has identified an uncontrolled search path element vulnerability in Vyaire Medical \u0027s CareFusion Upgrade Utility application. Vyaire Medical has produced an update that mitigates this vulnerability.",
        "title": "Risk evaluation"
      },
      {
        "category": "general",
        "text": "NCCIC recommends that users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available in the NCCIC Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "In addition, NCCIC recommends that users take the following measures to protect themselves from social engineering attacks:",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target this vulnerability.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSMA-18-037-01 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2018/icsma-18-037-01.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSMA-18-037-01 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-18-037-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-18-037-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/content/recommended-practices"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/"
      }
    ],
    "title": "Vyaire Medical CareFusion Upgrade Utility Vulnerability",
    "tracking": {
      "current_release_date": "2018-02-06T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSMA-18-037-01",
      "initial_release_date": "2018-02-06T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2018-02-06T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSMA-18-037-01 Vyaire Medical CareFusion Upgrade Utility Vulnerability"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c= 2.0.2.2",
                "product": {
                  "name": "CareFusion Upgrade Utility used with Windows XP systems: Versions 2.0.2.2 and prior versions",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "CareFusion Upgrade Utility used with Windows XP systems"
          }
        ],
        "category": "vendor",
        "name": "Vyaire Medical"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-5457",
      "cwe": {
        "id": "CWE-427",
        "name": "Uncontrolled Search Path Element"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A successful exploit of this vulnerability requires the local user to install a crafted DLL on the target machine. The application loads the DLL and gives the attacker access at the same privilege level as the application. CVE-2018-5457 has been assigned to this vulnerability. A CVSS v3 base score of 6.7 has been assigned; the CVSS vector string is (AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5457"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Vyaire Medical is no longer supporting the CareFusion Upgrade Utility v2.0.2.2 and recommends that users upgrade to the newer Vyaire Upgrade Utility v2.0.3.0. This updated Upgrade Utility will not install on Windows XP and will require updating the underlying system to Windows 7 or later.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Vyaire Medical has released a Product Security Bulletin, available at the following URL:",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "https://www.vyaire.com/productsecurity",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.vyaire.com/productsecurity"
        },
        {
          "category": "vendor_fix",
          "details": "The Vyaire Upgrade Utility v2.0.3.0 update is available at the following URL:",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "https://www.vyaire.com/us/our-products/respiratory-care/pulmonary-function-testing/spirometers/spirometry-software-and-firmware-downloads",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.vyaire.com/us/our-products/respiratory-care/pulmonary-function-testing/spirometers/spirometry-software-and-firmware-downloads"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    }
  ]
}

VAR-201802-1046

Vulnerability from variot - Updated: 2023-12-18 13:43

A uncontrolled search path element issue was discovered in Vyaire Medical CareFusion Upgrade Utility used with Windows XP systems, Versions 2.0.2.2 and prior versions. A successful exploit of this vulnerability requires the local user to install a crafted DLL on the target machine. The application loads the DLL and gives the attacker access at the same privilege level as the application. CareFusion Upgrade Utility is prone to a local privilege-escalation vulnerability. Local attackers may exploit this issue to execute arbitrary code with administrative privileges

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201802-1046",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "carefusion upgrade utility",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "vyaire",
        "version": "2.0.2.2"
      },
      {
        "model": "carefusion upgrade utility",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "vyaire",
        "version": "2.0.2.2"
      },
      {
        "model": "carefusion upgrade utility",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "vyaire medical",
        "version": "2.0.2.2"
      },
      {
        "model": "medical carefusion upgrade utility",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "vyaire",
        "version": "\u003c=2.0.2.2"
      },
      {
        "model": "carefusion upgrade utility",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "vyaire",
        "version": "2.0.3.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "carefusion upgrade utility",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2e378a2-39ab-11e9-a253-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-03304"
      },
      {
        "db": "BID",
        "id": "102983"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002233"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-5457"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-151"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:vyaire:carefusion_upgrade_utility:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "2.0.2.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-5457"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Mark Cross (@xerubus)",
    "sources": [
      {
        "db": "BID",
        "id": "102983"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2018-5457",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.9,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.4,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 6.9,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2018-5457",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 1.9,
            "id": "CNVD-2018-03304",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 1.9,
            "id": "e2e378a2-39ab-11e9-a253-000c29342cb1",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.0,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "High",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.0,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2018-5457",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2018-5457",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-03304",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201802-151",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "e2e378a2-39ab-11e9-a253-000c29342cb1",
            "trust": 0.2,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2e378a2-39ab-11e9-a253-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-03304"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002233"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-5457"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-151"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A uncontrolled search path element issue was discovered in Vyaire Medical CareFusion Upgrade Utility used with Windows XP systems, Versions 2.0.2.2 and prior versions. A successful exploit of this vulnerability requires the local user to install a crafted DLL on the target machine. The application loads the DLL and gives the attacker access at the same privilege level as the application. CareFusion Upgrade Utility is prone to a local privilege-escalation vulnerability. \nLocal attackers may exploit this issue to execute arbitrary code with administrative privileges",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-5457"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002233"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-03304"
      },
      {
        "db": "BID",
        "id": "102983"
      },
      {
        "db": "IVD",
        "id": "e2e378a2-39ab-11e9-a253-000c29342cb1"
      }
    ],
    "trust": 2.61
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-5457",
        "trust": 3.5
      },
      {
        "db": "ICS CERT",
        "id": "ICSMA-18-037-01",
        "trust": 3.3
      },
      {
        "db": "BID",
        "id": "102983",
        "trust": 1.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-03304",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-151",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002233",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "E2E378A2-39AB-11E9-A253-000C29342CB1",
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2e378a2-39ab-11e9-a253-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-03304"
      },
      {
        "db": "BID",
        "id": "102983"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002233"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-5457"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-151"
      }
    ]
  },
  "id": "VAR-201802-1046",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e2e378a2-39ab-11e9-a253-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-03304"
      }
    ],
    "trust": 1.8
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2e378a2-39ab-11e9-a253-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-03304"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:43:49.891000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "https://www.vyaire.com/"
      },
      {
        "title": "Vyaire Medical CareFusion Upgrade Utility privilege escalation patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/116473"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-03304"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002233"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-427",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002233"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-5457"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.3,
        "url": "https://ics-cert.us-cert.gov/advisories/icsma-18-037-01"
      },
      {
        "trust": 1.6,
        "url": "http://www.securityfocus.com/bid/102983"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-5457"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5457"
      },
      {
        "trust": 0.3,
        "url": "https://www.vyaire.com/us"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-03304"
      },
      {
        "db": "BID",
        "id": "102983"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002233"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-5457"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-151"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "e2e378a2-39ab-11e9-a253-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-03304"
      },
      {
        "db": "BID",
        "id": "102983"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002233"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-5457"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-151"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-02-13T00:00:00",
        "db": "IVD",
        "id": "e2e378a2-39ab-11e9-a253-000c29342cb1"
      },
      {
        "date": "2018-02-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-03304"
      },
      {
        "date": "2018-02-06T00:00:00",
        "db": "BID",
        "id": "102983"
      },
      {
        "date": "2018-04-03T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-002233"
      },
      {
        "date": "2018-02-06T21:29:00.473000",
        "db": "NVD",
        "id": "CVE-2018-5457"
      },
      {
        "date": "2018-02-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201802-151"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-02-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-03304"
      },
      {
        "date": "2018-02-06T00:00:00",
        "db": "BID",
        "id": "102983"
      },
      {
        "date": "2018-04-03T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-002233"
      },
      {
        "date": "2019-10-09T23:41:23.797000",
        "db": "NVD",
        "id": "CVE-2018-5457"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201802-151"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "102983"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-151"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vyaire Medical CareFusion Upgrade Utility Vulnerabilities in uncontrolled search path elements",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002233"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Code problem",
    "sources": [
      {
        "db": "IVD",
        "id": "e2e378a2-39ab-11e9-a253-000c29342cb1"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201802-151"
      }
    ],
    "trust": 0.8
  }
}

FKIE_CVE-2018-5457

Vulnerability from fkie_nvd - Published: 2018-02-06 21:29 - Updated: 2024-11-21 04:08

Severity ?

7.0 (High) - CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
ics-cert@hq.dhs.gov	http://www.securityfocus.com/bid/102983	Third Party Advisory, VDB Entry
ics-cert@hq.dhs.gov	https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-01	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/102983	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-01	Third Party Advisory, US Government Resource

Impacted products

	Vendor	Product	Version
	vyaire	carefusion_upgrade_utility	*
	microsoft	windows_xp	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vyaire:carefusion_upgrade_utility:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B2D1C6A-8C44-4993-9DC1-2A92F8B42A25",
              "versionEndIncluding": "2.0.2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B47EBFCC-1828-45AB-BC6D-FB980929A81A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A uncontrolled search path element issue was discovered in Vyaire Medical CareFusion Upgrade Utility used with Windows XP systems, Versions 2.0.2.2 and prior versions. A successful exploit of this vulnerability requires the local user to install a crafted DLL on the target machine. The application loads the DLL and gives the attacker access at the same privilege level as the application."
    },
    {
      "lang": "es",
      "value": "Se ha descubierto un problema de elemento de ruta de b\u00fasqueda no controlado en Vyaire Medical CareFusion Upgrade Utility, empleado en sistemas Windows XP, en versiones 2.0.2.2 y anteriores. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad requiere que el usuario local instale un DLL malicioso en la m\u00e1quina objetivo. La aplicaci\u00f3n carga el DLL y proporciona al atacante acceso al mismo nivel de privilegios que la aplicaci\u00f3n."
    }
  ],
  "id": "CVE-2018-5457",
  "lastModified": "2024-11-21T04:08:50.283",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.0,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.0,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-02-06T21:29:00.473",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/102983"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/102983"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-01"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-427"
        }
      ],
      "source": "ics-cert@hq.dhs.gov",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-427"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2018-5457

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-5457

Aliases

CVE-2018-5457

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-5457",
    "description": "A uncontrolled search path element issue was discovered in Vyaire Medical CareFusion Upgrade Utility used with Windows XP systems, Versions 2.0.2.2 and prior versions. A successful exploit of this vulnerability requires the local user to install a crafted DLL on the target machine. The application loads the DLL and gives the attacker access at the same privilege level as the application.",
    "id": "GSD-2018-5457"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-5457"
      ],
      "details": "A uncontrolled search path element issue was discovered in Vyaire Medical CareFusion Upgrade Utility used with Windows XP systems, Versions 2.0.2.2 and prior versions. A successful exploit of this vulnerability requires the local user to install a crafted DLL on the target machine. The application loads the DLL and gives the attacker access at the same privilege level as the application.",
      "id": "GSD-2018-5457",
      "modified": "2023-12-13T01:22:40.459437Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "ics-cert@hq.dhs.gov",
        "ID": "CVE-2018-5457",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Vyaire Medical CareFusion Upgrade Utility Vulnerability",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Vyaire Medical CareFusion Upgrade Utility Vulnerability"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A uncontrolled search path element issue was discovered in Vyaire Medical CareFusion Upgrade Utility used with Windows XP systems, Versions 2.0.2.2 and prior versions. A successful exploit of this vulnerability requires the local user to install a crafted DLL on the target machine. The application loads the DLL and gives the attacker access at the same privilege level as the application."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-427"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-01",
            "refsource": "MISC",
            "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-01"
          },
          {
            "name": "102983",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/102983"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:vyaire:carefusion_upgrade_utility:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "2.0.2.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2018-5457"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A uncontrolled search path element issue was discovered in Vyaire Medical CareFusion Upgrade Utility used with Windows XP systems, Versions 2.0.2.2 and prior versions. A successful exploit of this vulnerability requires the local user to install a crafted DLL on the target machine. The application loads the DLL and gives the attacker access at the same privilege level as the application."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-427"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-01",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-01"
            },
            {
              "name": "102983",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/102983"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.9,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.4,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 1.0,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2019-10-09T23:41Z",
      "publishedDate": "2018-02-06T21:29Z"
    }
  }
}

CNVD-2018-03304

Vulnerability from cnvd - Published: 2018-02-13

Title

Vyaire Medical CareFusion Upgrade Utility权限提升

Description

Vyaire Medical CareFusion Upgrade Utility used with Windows XP systems是美国Vyaire Medical公司的一款基于Windows XP平台的用于升级呼吸机固件的实用程序。基于Windows XP平台的Vyaire Medical CareFusion Upgrade Utility 2.0.2.2及之前版本中存在安全漏洞。本地攻击者可通过安装特制的DLL利用该漏洞获得与该应用程序相同的访问权限。

Severity

中

Patch Name

Vyaire Medical CareFusion Upgrade Utility权限提升的补丁

Patch Description

Formal description

厂商已发布漏洞修复程序，请及时关注更新： https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-01

Reference

https://nvd.nist.gov/vuln/detail/CVE-2018-5457 https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-01

Impacted products

Name
Vyaire Medical CareFusion Upgrade Utility <=2.0.2.2

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-5457"
    }
  },
  "description": "Vyaire Medical CareFusion Upgrade Utility used with Windows XP systems\u662f\u7f8e\u56fdVyaire Medical\u516c\u53f8\u7684\u4e00\u6b3e\u57fa\u4e8eWindows XP\u5e73\u53f0\u7684\u7528\u4e8e\u5347\u7ea7\u547c\u5438\u673a\u56fa\u4ef6\u7684\u5b9e\u7528\u7a0b\u5e8f\u3002\r\n\r\n\u57fa\u4e8eWindows XP\u5e73\u53f0\u7684Vyaire Medical CareFusion Upgrade Utility 2.0.2.2\u53ca\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5b89\u88c5\u7279\u5236\u7684DLL\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u5f97\u4e0e\u8be5\u5e94\u7528\u7a0b\u5e8f\u76f8\u540c\u7684\u8bbf\u95ee\u6743\u9650\u3002",
  "discovererName": "Unknow",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://ics-cert.us-cert.gov/advisories/ICSMA-18-037-01",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-03304",
  "openTime": "2018-02-13",
  "patchDescription": "Vyaire Medical CareFusion Upgrade Utility used with Windows XP systems\u662f\u7f8e\u56fdVyaire Medical\u516c\u53f8\u7684\u4e00\u6b3e\u57fa\u4e8eWindows XP\u5e73\u53f0\u7684\u7528\u4e8e\u5347\u7ea7\u547c\u5438\u673a\u56fa\u4ef6\u7684\u5b9e\u7528\u7a0b\u5e8f\u3002\r\n\r\n\u57fa\u4e8eWindows XP\u5e73\u53f0\u7684Vyaire Medical CareFusion Upgrade Utility 2.0.2.2\u53ca\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5b89\u88c5\u7279\u5236\u7684DLL\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u5f97\u4e0e\u8be5\u5e94\u7528\u7a0b\u5e8f\u76f8\u540c\u7684\u8bbf\u95ee\u6743\u9650\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Vyaire Medical CareFusion Upgrade Utility\u6743\u9650\u63d0\u5347\u7684\u8865\u4e01",
  "products": {
    "product": "Vyaire Medical CareFusion Upgrade Utility \u003c=2.0.2.2"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2018-5457\r\nhttps://ics-cert.us-cert.gov/advisories/ICSMA-18-037-01",
  "serverity": "\u4e2d",
  "submitTime": "2018-02-07",
  "title": "Vyaire Medical CareFusion Upgrade Utility\u6743\u9650\u63d0\u5347"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-5457 (GCVE-0-2018-5457)

GHSA-2R6V-6PXX-64X8

ICSMA-18-037-01

VAR-201802-1046

FKIE_CVE-2018-5457

GSD-2018-5457

CNVD-2018-03304

Tags

Sightings

Nomenclature