Sign-up

ID

VAR-201806-1809


TITLE

Code execution vulnerability in Beijing Jiekong FameView configuration software

Trust: 0.6

sources: CNVD: CNVD-2018-11001

DESCRIPTION

FameView configuration software is a high-performance configuration monitoring software company independently developed by Beijing Jiekong Company, which is a collection of years of engineering application and service experience based on Windows operating system. There is a code execution vulnerability in FameView configuration software V7.6.12.4. Attackers can use malicious software to execute arbitrary code DLL files on the target system

Trust: 0.72

sources: CNVD: CNVD-2018-11001 // IVD: e2f41a72-39ab-11e9-b608-000c29342cb1

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: e2f41a72-39ab-11e9-b608-000c29342cb1 // CNVD: CNVD-2018-11001

AFFECTED PRODUCTS

vendor:jiekongmodel:fameview configuration softwarescope:eqversion:v7.6.12.4

Trust: 0.8

sources: IVD: e2f41a72-39ab-11e9-b608-000c29342cb1 // CNVD: CNVD-2018-11001

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2018-11001
value: MEDIUM

Trust: 0.6

IVD: e2f41a72-39ab-11e9-b608-000c29342cb1
value: MEDIUM

Trust: 0.2

CNVD: CNVD-2018-11001
severity: MEDIUM
baseScore: 6.2
vectorString: AV:L/AC:H/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 1.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: e2f41a72-39ab-11e9-b608-000c29342cb1
severity: MEDIUM
baseScore: 6.2
vectorString: AV:L/AC:H/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 1.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

sources: IVD: e2f41a72-39ab-11e9-b608-000c29342cb1 // CNVD: CNVD-2018-11001

TYPE

Code injection

Trust: 0.2

sources: IVD: e2f41a72-39ab-11e9-b608-000c29342cb1

PATCH

title:Code execution vulnerability in Beijing Jiekong FameView configuration softwareurl:https://www.cnvd.org.cn/patchinfo/show/130049

Trust: 0.6

sources: CNVD: CNVD-2018-11001

EXTERNAL IDS

db:CNVDid:CNVD-2018-11001

Trust: 0.8

db:IVDid:E2F41A72-39AB-11E9-B608-000C29342CB1

Trust: 0.2

sources: IVD: e2f41a72-39ab-11e9-b608-000c29342cb1 // CNVD: CNVD-2018-11001

SOURCES

db:IVDid:e2f41a72-39ab-11e9-b608-000c29342cb1
db:CNVDid:CNVD-2018-11001

LAST UPDATE DATE

2022-05-17T01:47:52.330000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2018-11001date:2018-06-25T00:00:00

SOURCES RELEASE DATE

db:IVDid:e2f41a72-39ab-11e9-b608-000c29342cb1date:2018-06-05T00:00:00
db:CNVDid:CNVD-2018-11001date:2018-07-07T00:00:00