Details of VAR-201805-1207

ID

VAR-201805-1207

TITLE

MAC1100 PLC has a denial of service vulnerability

Trust: 0.6

sources: CNVD: CNVD-2018-08786

DESCRIPTION

MAC1100 PLC Programmable Logic Controller (PLC) is a product in the Dalian CECE Programmable Logic Controller (PLC) series. MAC1100 PLC has a denial of service vulnerability. Attackers can use this vulnerability to construct specific network data packets to cause the PLC to deny service and affect the normal operation of the controller

Trust: 0.72

sources: CNVD: CNVD-2018-08786 // IVD: e2ee2702-39ab-11e9-96e5-000c29342cb1

IOT TAXONOMY

category:	['ICS', 'Network device']	sub_category:	-	Trust: 0.6
category:	['ICS']	sub_category:	-	Trust: 0.2

sources: IVD: e2ee2702-39ab-11e9-96e5-000c29342cb1 // CNVD: CNVD-2018-08786

AFFECTED PRODUCTS

vendor:	dalian university of computer control engineering	model:	mac series plc mac1100	scope:	-	version:	-	Trust: 0.6
vendor:	dalian university of computer control engineering	model:	mac series plc mac1100	scope:	eq	version:	*	Trust: 0.2

sources: IVD: e2ee2702-39ab-11e9-96e5-000c29342cb1 // CNVD: CNVD-2018-08786

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2018-08786
value:	HIGH
Trust: 0.6
IVD:	e2ee2702-39ab-11e9-96e5-000c29342cb1
value:	HIGH
Trust: 0.2

CNVD:	CNVD-2018-08786
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	e2ee2702-39ab-11e9-96e5-000c29342cb1
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

sources: IVD: e2ee2702-39ab-11e9-96e5-000c29342cb1 // CNVD: CNVD-2018-08786

TYPE

Denial of service

Trust: 0.2

sources: IVD: e2ee2702-39ab-11e9-96e5-000c29342cb1

PATCH

title:

MAC1100 PLC has a denial of service vulnerability

url:

https://www.cnvd.org.cn/patchinfo/show/125617

Trust: 0.6

sources: CNVD: CNVD-2018-08786

EXTERNAL IDS

db:	CNVD	id:	CNVD-2018-08786	Trust: 0.8
db:	IVD	id:	E2EE2702-39AB-11E9-96E5-000C29342CB1	Trust: 0.2

sources: IVD: e2ee2702-39ab-11e9-96e5-000c29342cb1 // CNVD: CNVD-2018-08786

SOURCES

db:	IVD	id:	e2ee2702-39ab-11e9-96e5-000c29342cb1
db:	CNVD	id:	CNVD-2018-08786

LAST UPDATE DATE

2022-05-17T02:09:44.673000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2018-08786

date:

2018-05-07T00:00:00

SOURCES RELEASE DATE

db:	IVD	id:	e2ee2702-39ab-11e9-96e5-000c29342cb1	date:	2018-05-03T00:00:00
db:	CNVD	id:	CNVD-2018-08786	date:	2018-05-27T00:00:00