VAR-201810-1416
Vulnerability from variot - Updated: 2023-12-18 12:28The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App use an embedded webserver that uses unencrypted plaintext for the transmission of the administrator PIN Impact: An attacker once authenticated can change configurations, upload new configuration files, and upload executable code via file upload for firmware updates. Requires access to the network. Affected releases are Auto-Maskin DCU-210E, RP-210E, and the Marine Pro Observer Android App. Versions prior to 3.7 on ARMv7. Auto-Maskin RP With remote panel DCU The control unit is a product that monitors and controls the ship's engine. These products have multiple vulnerabilities related to authentication and encryption that can be accessed by an attacker and take over the engine operation of the ship. Problems with hard-coded credentials (CWE-798) - CVE-2018-5399 DCU 210E No firmware Dropbear SSH server Is included, but this is not documented. Also, SSH The username and password for the connection are hard-coded and the password is easily guessable. Insufficient validation of connection source (CWE-346) - CVE-2018-5400 The product uses a proprietary protocol that is not documented to communicate with other equipment. Modbus We are communicating, but we have not verified the validity of the connection between devices. Sensitive information is sent in clear text (CWE-319) - CVE-2018-5401 The product is not encrypted Modbus Sending control information using communication. Sensitive information is sent in clear text (CWE-319) - CVE-2018-5402 The web server included in the product is an administrator using plain text that is not encrypted. PIN Sending code. These vulnerabilities Brian Satira Mr and Brian Olson Reported by him.An attacker could use this vulnerability to obtain information such as device configuration, configuration information, and sensor operating status. Also any Modbus ( control ) Information may also be sent. An hard-coded credentials security bypass Vulnerability. 2. A security-bypass vulnerability. 3. Multiple information disclosure vulnerabilities. Attackers may exploit these issues to gain unauthorized access to the affected application, or to bypass certain security restrictions to perform unauthorized actions, and obtain sensitive information. Auto-Maskin DCU-210E and RP-210E are engine control panels
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201810-1416",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "marine pro observer",
"scope": "eq",
"trust": 1.6,
"vendor": "auto maskin",
"version": null
},
{
"model": "dcu 210e",
"scope": "eq",
"trust": 1.6,
"vendor": "auto maskin",
"version": null
},
{
"model": "rp 210e",
"scope": "eq",
"trust": 1.6,
"vendor": "auto maskin",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "auto maskin as",
"version": null
},
{
"model": "dcu 210e",
"scope": null,
"trust": 0.8,
"vendor": "auto maskin",
"version": null
},
{
"model": "marine pro observer",
"scope": null,
"trust": 0.8,
"vendor": "auto maskin",
"version": null
},
{
"model": "rp 210e",
"scope": null,
"trust": 0.8,
"vendor": "auto maskin",
"version": null
},
{
"model": "as marine pro observer",
"scope": "eq",
"trust": 0.3,
"vendor": "auto maskin",
"version": "0"
},
{
"model": "as dcu 210e rp 210e",
"scope": "eq",
"trust": 0.3,
"vendor": "auto maskin",
"version": "0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#176301"
},
{
"db": "BID",
"id": "105714"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008149"
},
{
"db": "NVD",
"id": "CVE-2018-5402"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-262"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:auto-maskin:rp_210e_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:auto-maskin:rp_210e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:arm:arm7:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.7",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:auto-maskin:dcu_210e_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:auto-maskin:dcu_210e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:arm:arm7:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.7",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:auto-maskin:marine_pro_observer:-:*:*:*:*:android:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-5402"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Brian Satira and Brian Olson",
"sources": [
{
"db": "BID",
"id": "105714"
}
],
"trust": 0.3
},
"cve": "CVE-2018-5402",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-135433",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cret@cert.org",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-5402",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cret@cert.org",
"id": "CVE-2018-5402",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201810-262",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-135433",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135433"
},
{
"db": "NVD",
"id": "CVE-2018-5402"
},
{
"db": "NVD",
"id": "CVE-2018-5402"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-262"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App use an embedded webserver that uses unencrypted plaintext for the transmission of the administrator PIN Impact: An attacker once authenticated can change configurations, upload new configuration files, and upload executable code via file upload for firmware updates. Requires access to the network. Affected releases are Auto-Maskin DCU-210E, RP-210E, and the Marine Pro Observer Android App. Versions prior to 3.7 on ARMv7. Auto-Maskin RP With remote panel DCU The control unit is a product that monitors and controls the ship\u0027s engine. These products have multiple vulnerabilities related to authentication and encryption that can be accessed by an attacker and take over the engine operation of the ship. Problems with hard-coded credentials (CWE-798) - CVE-2018-5399 DCU 210E No firmware Dropbear SSH server Is included, but this is not documented. Also, SSH The username and password for the connection are hard-coded and the password is easily guessable. Insufficient validation of connection source (CWE-346) - CVE-2018-5400 The product uses a proprietary protocol that is not documented to communicate with other equipment. Modbus We are communicating, but we have not verified the validity of the connection between devices. Sensitive information is sent in clear text (CWE-319) - CVE-2018-5401 The product is not encrypted Modbus Sending control information using communication. Sensitive information is sent in clear text (CWE-319) - CVE-2018-5402 The web server included in the product is an administrator using plain text that is not encrypted. PIN Sending code. These vulnerabilities Brian Satira Mr and Brian Olson Reported by him.An attacker could use this vulnerability to obtain information such as device configuration, configuration information, and sensor operating status. Also any Modbus ( control ) Information may also be sent. An hard-coded credentials security bypass Vulnerability. \n2. A security-bypass vulnerability. \n3. Multiple information disclosure vulnerabilities. \nAttackers may exploit these issues to gain unauthorized access to the affected application, or to bypass certain security restrictions to perform unauthorized actions, and obtain sensitive information. Auto-Maskin DCU-210E and RP-210E are engine control panels",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-5402"
},
{
"db": "CERT/CC",
"id": "VU#176301"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008149"
},
{
"db": "BID",
"id": "105714"
},
{
"db": "VULHUB",
"id": "VHN-135433"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#176301",
"trust": 3.6
},
{
"db": "NVD",
"id": "CVE-2018-5402",
"trust": 2.8
},
{
"db": "ICS CERT",
"id": "ICSA-20-051-04",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVNVU99039923",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008149",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201810-262",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.0648",
"trust": 0.6
},
{
"db": "BID",
"id": "105714",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-135433",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#176301"
},
{
"db": "VULHUB",
"id": "VHN-135433"
},
{
"db": "BID",
"id": "105714"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008149"
},
{
"db": "NVD",
"id": "CVE-2018-5402"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-262"
}
]
},
"id": "VAR-201810-1416",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-135433"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:28:38.303000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135433"
},
{
"db": "NVD",
"id": "CVE-2018-5402"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://www.kb.cert.org/vuls/id/176301"
},
{
"trust": 1.7,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-051-04"
},
{
"trust": 0.8,
"url": "about vulnerability notes"
},
{
"trust": 0.8,
"url": "contact us about this vulnerability"
},
{
"trust": 0.8,
"url": "provide a vendor statement"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5401"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5402"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5399"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5400"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu99039923/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5399"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5400"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5401"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5402"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0648/"
},
{
"trust": 0.3,
"url": "https://www.auto-maskin.com/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#176301"
},
{
"db": "VULHUB",
"id": "VHN-135433"
},
{
"db": "BID",
"id": "105714"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008149"
},
{
"db": "NVD",
"id": "CVE-2018-5402"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-262"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#176301"
},
{
"db": "VULHUB",
"id": "VHN-135433"
},
{
"db": "BID",
"id": "105714"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008149"
},
{
"db": "NVD",
"id": "CVE-2018-5402"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-262"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-06T00:00:00",
"db": "CERT/CC",
"id": "VU#176301"
},
{
"date": "2018-10-08T00:00:00",
"db": "VULHUB",
"id": "VHN-135433"
},
{
"date": "2018-10-06T00:00:00",
"db": "BID",
"id": "105714"
},
{
"date": "2018-10-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-008149"
},
{
"date": "2018-10-08T15:29:02.977000",
"db": "NVD",
"id": "CVE-2018-5402"
},
{
"date": "2018-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-262"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-16T00:00:00",
"db": "CERT/CC",
"id": "VU#176301"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-135433"
},
{
"date": "2018-10-06T00:00:00",
"db": "BID",
"id": "105714"
},
{
"date": "2019-08-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-008149"
},
{
"date": "2019-10-09T23:41:18.187000",
"db": "NVD",
"id": "CVE-2018-5402"
},
{
"date": "2020-02-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-262"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-262"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Auto-Maskin DCU 210E RP 210E and Marine Pro Observer App",
"sources": [
{
"db": "CERT/CC",
"id": "VU#176301"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-262"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…