Sign-up

ID

VAR-201808-0889


CVE

CVE-2018-3833


TITLE

Insteon Hub Firmware access control vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-009933

DESCRIPTION

An exploitable firmware downgrade vulnerability exists in Insteon Hub running firmware version 1013. The firmware upgrade functionality, triggered via PubNub, retrieves signed firmware binaries using plain HTTP requests. The device doesn't check the firmware version that is going to be installed and thus allows for flashing older firmware images. To trigger this vulnerability, an attacker needs to impersonate the remote server 'cache.insteon.com' and serve any signed firmware image. InsteonHub is an Insteon central controller from Insteon, USA. This product can remotely control light bulbs, wall switches, air conditioners, etc. in the home. Insteon Hub is an Insteon central controller product of Insteon Company in the United States

Trust: 2.25

sources: NVD: CVE-2018-3833 // JVNDB: JVNDB-2018-009933 // CNVD: CNVD-2018-16967 // VULHUB: VHN-133864

IOT TAXONOMY

category:['Network device']sub_category:Gateway / Hub: Open Ecosystem

Trust: 0.6

sources: CNVD: CNVD-2018-16967

AFFECTED PRODUCTS

vendor:insteonmodel:hub 2245-222scope:eqversion:1013

Trust: 1.6

vendor:insteonmodel:hubscope:eqversion:1013

Trust: 1.4

sources: CNVD: CNVD-2018-16967 // JVNDB: JVNDB-2018-009933 // CNNVD: CNNVD-201808-775 // NVD: CVE-2018-3833

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-3833
value: HIGH

Trust: 1.0

talos-cna@cisco.com: CVE-2018-3833
value: HIGH

Trust: 1.0

NVD: CVE-2018-3833
value: HIGH

Trust: 0.8

CNVD: CNVD-2018-16967
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201808-775
value: HIGH

Trust: 0.6

VULHUB: VHN-133864
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-3833
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2018-16967
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:C/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: COMPLETE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-133864
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-3833
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

talos-cna@cisco.com: CVE-2018-3833
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.0

Trust: 1.0

NVD: CVE-2018-3833
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2018-16967 // VULHUB: VHN-133864 // JVNDB: JVNDB-2018-009933 // CNNVD: CNNVD-201808-775 // NVD: CVE-2018-3833 // NVD: CVE-2018-3833

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-284

Trust: 0.9

sources: VULHUB: VHN-133864 // JVNDB: JVNDB-2018-009933 // NVD: CVE-2018-3833

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201808-775

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201808-775

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-009933

PATCH
title:Insteon Huburl:https://www.insteon.com/insteon-hub
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2018-009933

EXTERNAL IDS
db:TALOSid:TALOS-2018-0512
Trust: 3.1
db:NVDid:CVE-2018-3833
Trust: 3.1
db:JVNDBid:JVNDB-2018-009933
Trust: 0.8
db:CNNVDid:CNNVD-201808-775
Trust: 0.7
db:CNVDid:CNVD-2018-16967
Trust: 0.6
db:SEEBUGid:SSVID-97359
Trust: 0.1
db:VULHUBid:VHN-133864
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-16967 // 
            
            
            
            VULHUB: VHN-133864 // 
            
            
            
            JVNDB: JVNDB-2018-009933 // 
            
            
            
            CNNVD: CNNVD-201808-775 // 
            
            
            
            NVD: CVE-2018-3833

REFERENCES
url:https://www.talosintelligence.com/vulnerability_reports/talos-2018-0512
Trust: 3.1
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3833
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-3833
Trust: 0.8
url:https://talosintelligence.com/vulnerability_reports/talos-2018-0512
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2018-16967 // 
            
            
            
            VULHUB: VHN-133864 // 
            
            
            
            JVNDB: JVNDB-2018-009933 // 
            
            
            
            CNNVD: CNNVD-201808-775 // 
            
            
            
            NVD: CVE-2018-3833

SOURCES
db:CNVDid:CNVD-2018-16967
db:VULHUBid:VHN-133864
db:JVNDBid:JVNDB-2018-009933
db:CNNVDid:CNNVD-201808-775
db:NVDid:CVE-2018-3833

LAST UPDATE DATE
2024-11-23T22:55:45.234000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2018-16967date:2018-08-30T00:00:00
db:VULHUBid:VHN-133864date:2023-02-03T00:00:00
db:JVNDBid:JVNDB-2018-009933date:2018-11-30T00:00:00
db:CNNVDid:CNNVD-201808-775date:2022-04-20T00:00:00
db:NVDid:CVE-2018-3833date:2024-11-21T04:06:07.980

SOURCES RELEASE DATE
db:CNVDid:CNVD-2018-16967date:2018-08-30T00:00:00
db:VULHUBid:VHN-133864date:2018-08-23T00:00:00
db:JVNDBid:JVNDB-2018-009933date:2018-11-30T00:00:00
db:CNNVDid:CNNVD-201808-775date:2018-08-24T00:00:00
db:NVDid:CVE-2018-3833date:2018-08-23T14:29:00.480