Sign-up

ID

VAR-201805-1009


CVE

CVE-2018-9311


TITLE

Telematics Control Unit Vulnerability in protection mechanism

Trust: 0.8

sources: JVNDB: JVNDB-2018-005492

DESCRIPTION

The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW vehicles produced in 2012 through 2018, allows a remote attack via a cellular network. BMWvehicles and others are automotive products of the German BMW (BayerischeMotorenWerkeAG) company. There is a security hole in the TelematicsControlUnit in BMW cars (cars produced in 2012-2018). An attacker can exploit a vulnerability for a ranged attack. BMW Infotainment System Telematics/Control Unit/Central Gateway Module are prone to the following multiple security vulnerabilities: 1. A local code-execution vulnerability 2. A security-bypass vulnerability 3. A denial-of-service vulnerability 4. Multiple remote code-execution vulnerabilities An attacker can leverage these issues to execute arbitrary code with root privileges, bypass certain security restrictions, perform unauthorized actions, or gain sensitive information within the context of the affected system. Failed exploit attempts will likely result in denial of service conditions. BMW vehicles, etc

Trust: 2.61

sources: NVD: CVE-2018-9311 // JVNDB: JVNDB-2018-005492 // CNVD: CNVD-2018-11274 // BID: 104258 // VULHUB: VHN-139343 // VULMON: CVE-2018-9311

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-11274

AFFECTED PRODUCTS

vendor:bmwmodel:telematics control unitscope:eqversion: -

Trust: 1.6

vendor:bmwmodel:telematics control unitscope: - version: -

Trust: 0.8

vendor:bayerischemodel:motoren werke ag infotainment system telematicsscope: - version: -

Trust: 0.6

vendor:bayerischemodel:motoren werke ag control unitscope: - version: -

Trust: 0.6

vendor:bayerischemodel:motoren werke ag central gateway modulescope: - version: -

Trust: 0.6

vendor:bmwmodel:infotainment system telematicsscope:eqversion:0

Trust: 0.3

vendor:bmwmodel:control unitscope:eqversion:0

Trust: 0.3

vendor:bmwmodel:central gateway modulescope:eqversion:0

Trust: 0.3

sources: CNVD: CNVD-2018-11274 // BID: 104258 // JVNDB: JVNDB-2018-005492 // CNNVD: CNNVD-201805-1158 // NVD: CVE-2018-9311

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-9311
value: CRITICAL

Trust: 1.0

NVD: CVE-2018-9311
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2018-11274
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201805-1158
value: CRITICAL

Trust: 0.6

VULHUB: VHN-139343
value: HIGH

Trust: 0.1

VULMON: CVE-2018-9311
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-9311
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2018-11274
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-139343
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-9311
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2018-11274 // VULHUB: VHN-139343 // VULMON: CVE-2018-9311 // JVNDB: JVNDB-2018-005492 // CNNVD: CNNVD-201805-1158 // NVD: CVE-2018-9311

PROBLEMTYPE DATA

problemtype:CWE-693

Trust: 1.9

sources: VULHUB: VHN-139343 // JVNDB: JVNDB-2018-005492 // NVD: CVE-2018-9311

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201805-1158

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201805-1158

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-005492

PATCH
title:Top Pageurl:https://www.bmw.com/en/index.html
Trust: 0.8
title:The Registerurl:https://www.theregister.co.uk/2018/05/23/bmw_security_bugs/
Trust: 0.1
sources:
            
            
            VULMON: CVE-2018-9311 // 
            
            
            
            JVNDB: JVNDB-2018-005492

EXTERNAL IDS
db:BIDid:104258
Trust: 3.5
db:NVDid:CVE-2018-9311
Trust: 3.5
db:JVNDBid:JVNDB-2018-005492
Trust: 0.8
db:CNNVDid:CNNVD-201805-1158
Trust: 0.7
db:CNVDid:CNVD-2018-11274
Trust: 0.6
db:VULHUBid:VHN-139343
Trust: 0.1
db:VULMONid:CVE-2018-9311
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-11274 // 
            
            
            
            VULHUB: VHN-139343 // 
            
            
            
            VULMON: CVE-2018-9311 // 
            
            
            
            BID: 104258 // 
            
            
            
            JVNDB: JVNDB-2018-005492 // 
            
            
            
            CNNVD: CNNVD-201805-1158 // 
            
            
            
            NVD: CVE-2018-9311

REFERENCES
url:http://www.securityfocus.com/bid/104258
Trust: 3.3
url:https://keenlab.tencent.com/en/experimental_security_assessment_of_bmw_cars_by_keenlab.pdf
Trust: 2.9
url:https://www.theregister.co.uk/2018/05/23/bmw_security_bugs/
Trust: 1.9
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-9311
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-9311
Trust: 0.8
url:https://www.bmw.com/en/index.html
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/693.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-11274 // 
            
            
            
            VULHUB: VHN-139343 // 
            
            
            
            VULMON: CVE-2018-9311 // 
            
            
            
            BID: 104258 // 
            
            
            
            JVNDB: JVNDB-2018-005492 // 
            
            
            
            CNNVD: CNNVD-201805-1158 // 
            
            
            
            NVD: CVE-2018-9311

CREDITS
Keen Security Lab and Tencent.
Trust: 0.9
sources:
            
            
            BID: 104258 // 
            
            
            
            CNNVD: CNNVD-201805-1158

SOURCES
db:CNVDid:CNVD-2018-11274
db:VULHUBid:VHN-139343
db:VULMONid:CVE-2018-9311
db:BIDid:104258
db:JVNDBid:JVNDB-2018-005492
db:CNNVDid:CNNVD-201805-1158
db:NVDid:CVE-2018-9311

LAST UPDATE DATE
2024-11-23T22:06:49.773000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2018-11274date:2018-06-12T00:00:00
db:VULHUBid:VHN-139343date:2018-06-29T00:00:00
db:VULMONid:CVE-2018-9311date:2018-06-29T00:00:00
db:BIDid:104258date:2018-05-22T00:00:00
db:JVNDBid:JVNDB-2018-005492date:2018-07-18T00:00:00
db:CNNVDid:CNNVD-201805-1158date:2020-07-24T00:00:00
db:NVDid:CVE-2018-9311date:2024-11-21T04:15:18.913

SOURCES RELEASE DATE
db:CNVDid:CNVD-2018-11274date:2018-06-12T00:00:00
db:VULHUBid:VHN-139343date:2018-05-31T00:00:00
db:VULMONid:CVE-2018-9311date:2018-05-31T00:00:00
db:BIDid:104258date:2018-05-22T00:00:00
db:JVNDBid:JVNDB-2018-005492date:2018-07-18T00:00:00
db:CNNVDid:CNNVD-201805-1158date:2018-06-01T00:00:00
db:NVDid:CVE-2018-9311date:2018-05-31T12:29:00.283