Details of VAR-201802-1278

ID

VAR-201802-1278

CVE

CVE-2018-7298

TITLE

eQ-3 AG HomeMatic CCU2 Cryptographic vulnerabilities in devices

Trust: 0.8

sources: JVNDB: JVNDB-2018-002464

DESCRIPTION

In /usr/local/etc/config/addons/mh/loopupd.sh on eQ-3 AG HomeMatic CCU2 2.29.22 devices, software update packages are downloaded via the HTTP protocol, which does not provide any cryptographic protection of the downloaded contents. An attacker with a privileged network position (which could be obtained via DNS spoofing of www.meine-homematic.de or other approaches) can exploit this issue in order to provide arbitrary malicious firmware updates to the CCU2. This can result in a full system compromise. eQ-3 AG HomeMatic CCU2 The device contains cryptographic vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The eQ-3AGHomematicCCU2 is a central control unit for the German eQ-3 company that controls smart home devices. There is a security vulnerability in the /usr/local/etc/config/addons/mh/loopupd.sh file in the eQ-3 AG HomeMatic CCU2 version 2.29.22

Trust: 2.25

sources: NVD: CVE-2018-7298 // JVNDB: JVNDB-2018-002464 // CNVD: CNVD-2018-05830 // VULHUB: VHN-137330

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-05830

AFFECTED PRODUCTS

vendor:	eq 3	model:	homematic central control unit ccu2	scope:	eq	version:	2.29.22	Trust: 1.6
vendor:	eq 3	model:	homematic zentrale ccu2	scope:	eq	version:	2.29.22	Trust: 0.8
vendor:	eq 3	model:	ag homematic ccu2	scope:	lte	version:	<=2.29.22	Trust: 0.6

sources: CNVD: CNVD-2018-05830 // JVNDB: JVNDB-2018-002464 // CNNVD: CNNVD-201802-555 // NVD: CVE-2018-7298

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-7298
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-7298
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2018-05830
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201802-555
value:	HIGH
Trust: 0.6
VULHUB:	VHN-137330
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-7298
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-05830
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-137330
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-7298
baseSeverity:	HIGH
baseScore:	8.1
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.2
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2018-05830 // VULHUB: VHN-137330 // JVNDB: JVNDB-2018-002464 // CNNVD: CNNVD-201802-555 // NVD: CVE-2018-7298

PROBLEMTYPE DATA

problemtype:	CWE-319	Trust: 1.1
problemtype:	CWE-310	Trust: 0.9

sources: VULHUB: VHN-137330 // JVNDB: JVNDB-2018-002464 // NVD: CVE-2018-7298

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201802-555

TYPE

encryption problem

Trust: 0.6

sources: CNNVD: CNNVD-201802-555

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-002464

PATCH

title:

HomeMatic Zentrale CCU2

url:

http://www.eq-3.de/produkte/homematic/zentralen-und-gateways/homematic-zentrale-ccu-2.html

Trust: 0.8

sources: JVNDB: JVNDB-2018-002464

EXTERNAL IDS

db:	NVD	id:	CVE-2018-7298	Trust: 3.1
db:	JVNDB	id:	JVNDB-2018-002464	Trust: 0.8
db:	CNVD	id:	CNVD-2018-05830	Trust: 0.6
db:	CNNVD	id:	CNNVD-201802-555	Trust: 0.6
db:	VULHUB	id:	VHN-137330	Trust: 0.1

sources: CNVD: CNVD-2018-05830 // VULHUB: VHN-137330 // JVNDB: JVNDB-2018-002464 // CNNVD: CNNVD-201802-555 // NVD: CVE-2018-7298

REFERENCES

url:	http://atomic111.github.io/article/homematic-ccu2-firmware-via-plain-http	Trust: 2.5
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7298	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-7298	Trust: 0.8
url:	http	Trust: 0.6
url:	http://atomic111.github.io/article/homematic-ccu2-firmware-via-plain-	Trust: 0.6

sources: CNVD: CNVD-2018-05830 // VULHUB: VHN-137330 // JVNDB: JVNDB-2018-002464 // CNNVD: CNNVD-201802-555 // NVD: CVE-2018-7298

SOURCES

db:	CNVD	id:	CNVD-2018-05830
db:	VULHUB	id:	VHN-137330
db:	JVNDB	id:	JVNDB-2018-002464
db:	CNNVD	id:	CNNVD-201802-555
db:	NVD	id:	CVE-2018-7298

LAST UPDATE DATE

2024-11-23T22:34:19.984000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-05830	date:	2018-03-21T00:00:00
db:	VULHUB	id:	VHN-137330	date:	2019-10-03T00:00:00
db:	JVNDB	id:	JVNDB-2018-002464	date:	2018-04-13T00:00:00
db:	CNNVD	id:	CNNVD-201802-555	date:	2019-10-23T00:00:00
db:	NVD	id:	CVE-2018-7298	date:	2024-11-21T04:11:57.600

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-05830	date:	2018-03-21T00:00:00
db:	VULHUB	id:	VHN-137330	date:	2018-02-22T00:00:00
db:	JVNDB	id:	JVNDB-2018-002464	date:	2018-04-13T00:00:00
db:	CNNVD	id:	CNNVD-201802-555	date:	2018-03-06T00:00:00
db:	NVD	id:	CVE-2018-7298	date:	2018-02-22T19:29:05.140