Details of VAR-201808-0183

ID

VAR-201808-0183

CVE

CVE-2018-10598

TITLE

CNCSoft and ScreenEditor Vulnerable to out-of-bounds reading

Trust: 0.8

sources: JVNDB: JVNDB-2018-009150

DESCRIPTION

CNCSoft Version 1.00.83 and prior with ScreenEditor Version 1.00.54 has two out-of-bounds read vulnerabilities could cause the software to crash due to lacking user input validation for processing project files. Which may allow an attacker to gain remote code execution with administrator privileges if exploited. CNCSoft and ScreenEditor Contains an out-of-bounds vulnerability.Information is obtained and service operation is interrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Delta Industrial Automation CNCSoft ScreenEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of DPB files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. Delta Electronics CNCSoft and ScreenEditor are products of Delta Electronics. Delta Electronics CNCSoft is a set of simulation software for CNC machine tools. ScreenEditor is a set of human-machine interface programming software. An out-of-bounds read vulnerability exists in Delta Electronics CNCSoft 1.00.83 and earlier and ScreenEditor 1.00.54. Multiple stack-based buffer-overflow vulnerabilities 2

Trust: 3.69

sources: NVD: CVE-2018-10598 // JVNDB: JVNDB-2018-009150 // ZDI: ZDI-18-987 // ZDI: ZDI-18-988 // CNVD: CNVD-2018-17872 // BID: 105032

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-17872

AFFECTED PRODUCTS

vendor:	deltaww	model:	screeneditor	scope:	eq	version:	1.00.54	Trust: 1.6
vendor:	delta industrial automation	model:	cncsoft	scope:	-	version:	-	Trust: 1.4
vendor:	deltaww	model:	cncsoft	scope:	lte	version:	1.00.83	Trust: 1.0
vendor:	delta	model:	cncsoft	scope:	lte	version:	1.00.83	Trust: 0.8
vendor:	delta	model:	screeneditor	scope:	eq	version:	1.00.54	Trust: 0.8
vendor:	delta	model:	electronics cncsoft	scope:	lte	version:	<=1.00.83	Trust: 0.6
vendor:	delta	model:	electronics screeneditor	scope:	eq	version:	1.00.54	Trust: 0.6
vendor:	deltaww	model:	cncsoft	scope:	eq	version:	1.00.83	Trust: 0.6
vendor:	delta	model:	electronics inc screeneditor	scope:	eq	version:	1.0.54	Trust: 0.3
vendor:	delta	model:	electronics inc cncsoft	scope:	eq	version:	1.0.83	Trust: 0.3

sources: ZDI: ZDI-18-987 // ZDI: ZDI-18-988 // CNVD: CNVD-2018-17872 // BID: 105032 // JVNDB: JVNDB-2018-009150 // CNNVD: CNNVD-201808-309 // NVD: CVE-2018-10598

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI:	CVE-2018-10598
value:	MEDIUM
Trust: 1.4
nvd@nist.gov:	CVE-2018-10598
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-10598
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2018-17872
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201808-309
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2018-10598
severity:	MEDIUM
baseScore:	5.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
ZDI:	CVE-2018-10598
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.4
CNVD:	CNVD-2018-17872
severity:	HIGH
baseScore:	8.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	7.8
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2018-10598
baseSeverity:	HIGH
baseScore:	8.1
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.2
version:	3.0
Trust: 1.8

sources: ZDI: ZDI-18-987 // ZDI: ZDI-18-988 // CNVD: CNVD-2018-17872 // JVNDB: JVNDB-2018-009150 // CNNVD: CNNVD-201808-309 // NVD: CVE-2018-10598

PROBLEMTYPE DATA

problemtype:

CWE-125

Trust: 1.8

sources: JVNDB: JVNDB-2018-009150 // NVD: CVE-2018-10598

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201808-309

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201808-309

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-009150

PATCH

title:	Delta Industrial Automation has issued an update to correct this vulnerability.	url:	https://ics-cert.us-cert.gov/advisories/ICSA-18-219-01	Trust: 1.4
title:	Top Page	url:	http://www.deltaww.com/	Trust: 0.8
title:	Patch for Delta Electronics CNCSoft and ScreenEditor out-of-bounds read vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/138747	Trust: 0.6
title:	Delta Electronics CNCSoft and ScreenEditor Buffer error vulnerability fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=83920	Trust: 0.6

sources: ZDI: ZDI-18-987 // ZDI: ZDI-18-988 // CNVD: CNVD-2018-17872 // JVNDB: JVNDB-2018-009150 // CNNVD: CNNVD-201808-309

EXTERNAL IDS

db:	NVD	id:	CVE-2018-10598	Trust: 4.7
db:	ICS CERT	id:	ICSA-18-219-01	Trust: 3.3
db:	BID	id:	105032	Trust: 1.9
db:	JVNDB	id:	JVNDB-2018-009150	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-6303	Trust: 0.7
db:	ZDI	id:	ZDI-18-987	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-6304	Trust: 0.7
db:	ZDI	id:	ZDI-18-988	Trust: 0.7
db:	CNVD	id:	CNVD-2018-17872	Trust: 0.6
db:	CNNVD	id:	CNNVD-201808-309	Trust: 0.6

sources: ZDI: ZDI-18-987 // ZDI: ZDI-18-988 // CNVD: CNVD-2018-17872 // BID: 105032 // JVNDB: JVNDB-2018-009150 // CNNVD: CNNVD-201808-309 // NVD: CVE-2018-10598

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-18-219-01	Trust: 4.7
url:	http://www.securityfocus.com/bid/105032	Trust: 1.6
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-10598	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-10598	Trust: 0.8
url:	http://www.deltaww.com/	Trust: 0.3

sources: ZDI: ZDI-18-987 // ZDI: ZDI-18-988 // CNVD: CNVD-2018-17872 // BID: 105032 // JVNDB: JVNDB-2018-009150 // CNNVD: CNNVD-201808-309 // NVD: CVE-2018-10598

CREDITS

Mat Powell of Trend Micro Zero Day Initiative

Trust: 1.4

sources: ZDI: ZDI-18-987 // ZDI: ZDI-18-988

SOURCES

db:	ZDI	id:	ZDI-18-987
db:	ZDI	id:	ZDI-18-988
db:	CNVD	id:	CNVD-2018-17872
db:	BID	id:	105032
db:	JVNDB	id:	JVNDB-2018-009150
db:	CNNVD	id:	CNNVD-201808-309
db:	NVD	id:	CVE-2018-10598

LAST UPDATE DATE

2024-11-23T22:00:20.839000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-18-987	date:	2018-09-05T00:00:00
db:	ZDI	id:	ZDI-18-988	date:	2018-09-05T00:00:00
db:	CNVD	id:	CNVD-2018-17872	date:	2018-09-07T00:00:00
db:	BID	id:	105032	date:	2018-08-07T00:00:00
db:	JVNDB	id:	JVNDB-2018-009150	date:	2018-11-09T00:00:00
db:	CNNVD	id:	CNNVD-201808-309	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-10598	date:	2024-11-21T03:41:38.120

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-18-987	date:	2018-09-05T00:00:00
db:	ZDI	id:	ZDI-18-988	date:	2018-09-05T00:00:00
db:	CNVD	id:	CNVD-2018-17872	date:	2018-09-07T00:00:00
db:	BID	id:	105032	date:	2018-08-07T00:00:00
db:	JVNDB	id:	JVNDB-2018-009150	date:	2018-11-09T00:00:00
db:	CNNVD	id:	CNNVD-201808-309	date:	2018-08-13T00:00:00
db:	NVD	id:	CVE-2018-10598	date:	2018-08-13T21:47:58.743