VAR-201806-0554
Vulnerability from variot - Updated: 2023-12-18 13:52Delta Industrial Automation COMMGR from Delta Electronics versions 1.08 and prior with accompanying PLC Simulators (DVPSimulator EH2, EH3, ES2, SE, SS2 and AHSIM_5x0, AHSIM_5x1) utilize a fixed-length stack buffer where an unverified length value can be read from the network packets via a specific network port, causing the buffer to be overwritten. This may allow remote code execution, cause the application to crash, or result in a denial-of-service condition in the application server. Delta Industrial Automation COMMGR Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation COMMGR. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of TCP packets sent to COMMGR. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of the COMMGR process. Delta Industrial Automation COMMGR is a communications management software from Delta Electronics. Failed exploit attempts will likely cause a denial-of-service condition. Industrial Automation COMMGR 1.08 and prior are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201806-0554",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "commgr",
"scope": null,
"trust": 2.8,
"vendor": "delta industrial automation",
"version": null
},
{
"model": "commgr",
"scope": "lte",
"trust": 1.0,
"vendor": "deltaww",
"version": "1.08"
},
{
"model": "commgr",
"scope": "lte",
"trust": 0.8,
"vendor": "delta",
"version": "1.08"
},
{
"model": "electronics delta industrial automation commgr",
"scope": "lte",
"trust": 0.6,
"vendor": "delta",
"version": "\u003c=1.08"
},
{
"model": "electronics delta industrial automation commgr ahsim 5x0",
"scope": null,
"trust": 0.6,
"vendor": "delta",
"version": null
},
{
"model": "electronics delta industrial automation commgr ahsim 5x1",
"scope": null,
"trust": 0.6,
"vendor": "delta",
"version": null
},
{
"model": "electronics delta industrial automation commgr dvpsimulator eh2",
"scope": null,
"trust": 0.6,
"vendor": "delta",
"version": null
},
{
"model": "electronics delta industrial automation commgr dvpsimulator eh3",
"scope": null,
"trust": 0.6,
"vendor": "delta",
"version": null
},
{
"model": "electronics delta industrial automation commgr dvpsimulator es2",
"scope": null,
"trust": 0.6,
"vendor": "delta",
"version": null
},
{
"model": "electronics delta industrial automation commgr dvpsimulator se",
"scope": null,
"trust": 0.6,
"vendor": "delta",
"version": null
},
{
"model": "electronics delta industrial automation commgr dvpsimulator ss2",
"scope": null,
"trust": 0.6,
"vendor": "delta",
"version": null
},
{
"model": "commgr",
"scope": "eq",
"trust": 0.6,
"vendor": "deltaww",
"version": "1.08"
},
{
"model": "electronics inc industrial automation commgr",
"scope": "eq",
"trust": 0.3,
"vendor": "delta",
"version": "1.08"
},
{
"model": "electronics inc dvpsimulator ss2",
"scope": "eq",
"trust": 0.3,
"vendor": "delta",
"version": "0"
},
{
"model": "electronics inc dvpsimulator se",
"scope": "eq",
"trust": 0.3,
"vendor": "delta",
"version": "0"
},
{
"model": "electronics inc dvpsimulator es2",
"scope": "eq",
"trust": 0.3,
"vendor": "delta",
"version": "0"
},
{
"model": "electronics inc dvpsimulator eh3",
"scope": "eq",
"trust": 0.3,
"vendor": "delta",
"version": "0"
},
{
"model": "electronics inc dvpsimulator eh2",
"scope": "eq",
"trust": 0.3,
"vendor": "delta",
"version": "0"
},
{
"model": "electronics inc ahsim",
"scope": "eq",
"trust": 0.3,
"vendor": "delta",
"version": "5x1"
},
{
"model": "electronics inc ahsim",
"scope": "eq",
"trust": 0.3,
"vendor": "delta",
"version": "5x0"
},
{
"model": "electronics inc industrial automation commgr",
"scope": "ne",
"trust": 0.3,
"vendor": "delta",
"version": "1.09"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "commgr",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-587"
},
{
"db": "ZDI",
"id": "ZDI-18-586"
},
{
"db": "ZDI",
"id": "ZDI-18-588"
},
{
"db": "ZDI",
"id": "ZDI-18-585"
},
{
"db": "CNVD",
"id": "CNVD-2018-12128"
},
{
"db": "BID",
"id": "104529"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006826"
},
{
"db": "NVD",
"id": "CVE-2018-10594"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1170"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:deltaww:commgr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.08",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:deltaww:dvpsimulator_h3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:deltaww:dvpsimulator_es2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:deltaww:dvpsimulator_se:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:deltaww:dvpsimulator_ss2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:deltaww:dvpsimulator_ahsim_5x1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:deltaww:dvpsimulator_eh2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:deltaww:dvpsimulator_ahsim_5x0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-10594"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-587"
},
{
"db": "ZDI",
"id": "ZDI-18-586"
},
{
"db": "ZDI",
"id": "ZDI-18-588"
},
{
"db": "ZDI",
"id": "ZDI-18-585"
}
],
"trust": 2.8
},
"cve": "CVE-2018-10594",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-10594",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 3.6,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-12128",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-10594",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2018-10594",
"trust": 2.8,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-10594",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2018-12128",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201806-1170",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-587"
},
{
"db": "ZDI",
"id": "ZDI-18-586"
},
{
"db": "ZDI",
"id": "ZDI-18-588"
},
{
"db": "ZDI",
"id": "ZDI-18-585"
},
{
"db": "CNVD",
"id": "CNVD-2018-12128"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006826"
},
{
"db": "NVD",
"id": "CVE-2018-10594"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1170"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Delta Industrial Automation COMMGR from Delta Electronics versions 1.08 and prior with accompanying PLC Simulators (DVPSimulator EH2, EH3, ES2, SE, SS2 and AHSIM_5x0, AHSIM_5x1) utilize a fixed-length stack buffer where an unverified length value can be read from the network packets via a specific network port, causing the buffer to be overwritten. This may allow remote code execution, cause the application to crash, or result in a denial-of-service condition in the application server. Delta Industrial Automation COMMGR Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation COMMGR. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of TCP packets sent to COMMGR. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of the COMMGR process. Delta Industrial Automation COMMGR is a communications management software from Delta Electronics. Failed exploit attempts will likely cause a denial-of-service condition. \nIndustrial Automation COMMGR 1.08 and prior are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-10594"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006826"
},
{
"db": "ZDI",
"id": "ZDI-18-587"
},
{
"db": "ZDI",
"id": "ZDI-18-586"
},
{
"db": "ZDI",
"id": "ZDI-18-588"
},
{
"db": "ZDI",
"id": "ZDI-18-585"
},
{
"db": "CNVD",
"id": "CNVD-2018-12128"
},
{
"db": "BID",
"id": "104529"
},
{
"db": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1"
}
],
"trust": 5.13
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-10594",
"trust": 6.3
},
{
"db": "ICS CERT",
"id": "ICSA-18-172-01",
"trust": 2.7
},
{
"db": "BID",
"id": "104529",
"trust": 2.5
},
{
"db": "EXPLOIT-DB",
"id": "45574",
"trust": 1.6
},
{
"db": "EXPLOIT-DB",
"id": "44965",
"trust": 1.6
},
{
"db": "CNVD",
"id": "CNVD-2018-12128",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1170",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006826",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5668",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-587",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5666",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-586",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5667",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-588",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5665",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-585",
"trust": 0.7
},
{
"db": "IVD",
"id": "E2FF3E01-39AB-11E9-A6A4-000C29342CB1",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-587"
},
{
"db": "ZDI",
"id": "ZDI-18-586"
},
{
"db": "ZDI",
"id": "ZDI-18-588"
},
{
"db": "ZDI",
"id": "ZDI-18-585"
},
{
"db": "CNVD",
"id": "CNVD-2018-12128"
},
{
"db": "BID",
"id": "104529"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006826"
},
{
"db": "NVD",
"id": "CVE-2018-10594"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1170"
}
]
},
"id": "VAR-201806-0554",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-12128"
}
],
"trust": 1.8
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-12128"
}
]
},
"last_update_date": "2023-12-18T13:52:39.996000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Delta Industrial Automation has issued an update to correct this vulnerability.",
"trust": 2.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-172-01"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.deltaww.com/"
},
{
"title": "Patch for Delta Electronics Delta Industrial Automation COMMGR Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/132857"
},
{
"title": "Delta Industrial Automation COMMGR Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=81478"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-587"
},
{
"db": "ZDI",
"id": "ZDI-18-586"
},
{
"db": "ZDI",
"id": "ZDI-18-588"
},
{
"db": "ZDI",
"id": "ZDI-18-585"
},
{
"db": "CNVD",
"id": "CNVD-2018-12128"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006826"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1170"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006826"
},
{
"db": "NVD",
"id": "CVE-2018-10594"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 5.5,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-172-01"
},
{
"trust": 2.8,
"url": "http://www.securityfocus.com/bid/104529"
},
{
"trust": 1.6,
"url": "https://www.exploit-db.com/exploits/44965/"
},
{
"trust": 1.6,
"url": "https://www.exploit-db.com/exploits/45574/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-10594"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10594"
},
{
"trust": 0.3,
"url": "http://www.deltaww.com/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-587"
},
{
"db": "ZDI",
"id": "ZDI-18-586"
},
{
"db": "ZDI",
"id": "ZDI-18-588"
},
{
"db": "ZDI",
"id": "ZDI-18-585"
},
{
"db": "CNVD",
"id": "CNVD-2018-12128"
},
{
"db": "BID",
"id": "104529"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006826"
},
{
"db": "NVD",
"id": "CVE-2018-10594"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1170"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-587"
},
{
"db": "ZDI",
"id": "ZDI-18-586"
},
{
"db": "ZDI",
"id": "ZDI-18-588"
},
{
"db": "ZDI",
"id": "ZDI-18-585"
},
{
"db": "CNVD",
"id": "CNVD-2018-12128"
},
{
"db": "BID",
"id": "104529"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006826"
},
{
"db": "NVD",
"id": "CVE-2018-10594"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1170"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-27T00:00:00",
"db": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1"
},
{
"date": "2018-06-26T00:00:00",
"db": "ZDI",
"id": "ZDI-18-587"
},
{
"date": "2018-06-26T00:00:00",
"db": "ZDI",
"id": "ZDI-18-586"
},
{
"date": "2018-06-26T00:00:00",
"db": "ZDI",
"id": "ZDI-18-588"
},
{
"date": "2018-06-26T00:00:00",
"db": "ZDI",
"id": "ZDI-18-585"
},
{
"date": "2018-06-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-12128"
},
{
"date": "2018-06-21T00:00:00",
"db": "BID",
"id": "104529"
},
{
"date": "2018-08-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006826"
},
{
"date": "2018-06-26T20:29:00.227000",
"db": "NVD",
"id": "CVE-2018-10594"
},
{
"date": "2018-06-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-1170"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-26T00:00:00",
"db": "ZDI",
"id": "ZDI-18-587"
},
{
"date": "2018-06-26T00:00:00",
"db": "ZDI",
"id": "ZDI-18-586"
},
{
"date": "2018-06-26T00:00:00",
"db": "ZDI",
"id": "ZDI-18-588"
},
{
"date": "2018-06-26T00:00:00",
"db": "ZDI",
"id": "ZDI-18-585"
},
{
"date": "2018-11-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-12128"
},
{
"date": "2018-06-21T00:00:00",
"db": "BID",
"id": "104529"
},
{
"date": "2018-08-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006826"
},
{
"date": "2019-10-09T23:32:52.087000",
"db": "NVD",
"id": "CVE-2018-10594"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-1170"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201806-1170"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Delta Industrial Automation COMMGR Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006826"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1170"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "e2ff3e01-39ab-11e9-a6a4-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-1170"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…