Sign-up

ID

VAR-201808-0890


CVE

CVE-2018-3834


TITLE

Insteon Hub Firmware access control vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-008947

DESCRIPTION

An exploitable permanent denial of service vulnerability exists in Insteon Hub running firmware version 1013. The firmware upgrade functionality, triggered via PubNub, retrieves signed firmware binaries using plain HTTP requests. The device doesn't check the kind of firmware image that is going to be installed and thus allows for flashing any signed firmware into any MCU. Since the device contains different and incompatible MCUs, flashing one firmware to the wrong MCU will result in a permanent brick condition. To trigger this vulnerability, an attacker needs to impersonate the remote server "cache.insteon.com" and serve a signed firmware image. InsteonHub is an Insteon central controller from Insteon, USA. This product can remotely control light bulbs, wall switches, air conditioners, etc. in the home. Insteon Hub is an Insteon central controller product of Insteon Company in the United States

Trust: 2.34

sources: NVD: CVE-2018-3834 // JVNDB: JVNDB-2018-008947 // CNVD: CNVD-2018-14950 // VULHUB: VHN-133865 // VULMON: CVE-2018-3834

IOT TAXONOMY

category:['Network device']sub_category:Gateway / Hub: Open Ecosystem

Trust: 0.6

sources: CNVD: CNVD-2018-14950

AFFECTED PRODUCTS

vendor:insteonmodel:hubscope:eqversion:1013

Trust: 2.2

vendor:insteonmodel:hubscope:eqversion:firmware 1013

Trust: 0.8

sources: CNVD: CNVD-2018-14950 // JVNDB: JVNDB-2018-008947 // CNNVD: CNNVD-201808-063 // NVD: CVE-2018-3834

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-3834
value: HIGH

Trust: 1.0

talos-cna@cisco.com: CVE-2018-3834
value: HIGH

Trust: 1.0

NVD: CVE-2018-3834
value: HIGH

Trust: 0.8

CNVD: CNVD-2018-14950
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201808-063
value: HIGH

Trust: 0.6

VULHUB: VHN-133865
value: HIGH

Trust: 0.1

VULMON: CVE-2018-3834
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-3834
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 7.8
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2018-14950
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:H/AU:N/C:N/I:C/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: NONE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 9.2
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-133865
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 7.8
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-3834
baseSeverity: HIGH
baseScore: 7.4
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.2
impactScore: 5.2
version: 3.1

Trust: 1.0

talos-cna@cisco.com: CVE-2018-3834
baseSeverity: HIGH
baseScore: 8.7
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.2
impactScore: 5.8
version: 3.0

Trust: 1.0

NVD: CVE-2018-3834
baseSeverity: HIGH
baseScore: 7.4
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2018-14950 // VULHUB: VHN-133865 // VULMON: CVE-2018-3834 // JVNDB: JVNDB-2018-008947 // CNNVD: CNNVD-201808-063 // NVD: CVE-2018-3834 // NVD: CVE-2018-3834

PROBLEMTYPE DATA

problemtype:CWE-346

Trust: 1.1

problemtype:CWE-284

Trust: 0.9

sources: VULHUB: VHN-133865 // JVNDB: JVNDB-2018-008947 // NVD: CVE-2018-3834

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201808-063

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-201808-063

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-008947

PATCH
title:Insteon Huburl:https://www.insteon.com/insteon-hub
Trust: 0.8
title: - url:https://github.com/Live-Hack-CVE/CVE-2018-3834 
Trust: 0.1
sources:
            
            
            VULMON: CVE-2018-3834 // 
            
            
            
            JVNDB: JVNDB-2018-008947

EXTERNAL IDS
db:NVDid:CVE-2018-3834
Trust: 3.2
db:TALOSid:TALOS-2018-0513
Trust: 2.6
db:JVNDBid:JVNDB-2018-008947
Trust: 0.8
db:CNVDid:CNVD-2018-14950
Trust: 0.6
db:CNNVDid:CNNVD-201808-063
Trust: 0.6
db:SEEBUGid:SSVID-97366
Trust: 0.1
db:VULHUBid:VHN-133865
Trust: 0.1
db:VULMONid:CVE-2018-3834
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-14950 // 
            
            
            
            VULHUB: VHN-133865 // 
            
            
            
            VULMON: CVE-2018-3834 // 
            
            
            
            JVNDB: JVNDB-2018-008947 // 
            
            
            
            CNNVD: CNNVD-201808-063 // 
            
            
            
            NVD: CVE-2018-3834

REFERENCES
url:https://www.talosintelligence.com/vulnerability_reports/talos-2018-0513
Trust: 2.6
url:https://nvd.nist.gov/vuln/detail/cve-2018-3834
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3834
Trust: 0.8
url:https://talosintelligence.com/vulnerability_reports/talos-2018-0513
Trust: 0.6
url:https://cwe.mitre.org/data/definitions/346.html
Trust: 0.1
url:https://github.com/live-hack-cve/cve-2018-3834
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-14950 // 
            
            
            
            VULHUB: VHN-133865 // 
            
            
            
            VULMON: CVE-2018-3834 // 
            
            
            
            JVNDB: JVNDB-2018-008947 // 
            
            
            
            CNNVD: CNNVD-201808-063 // 
            
            
            
            NVD: CVE-2018-3834

SOURCES
db:CNVDid:CNVD-2018-14950
db:VULHUBid:VHN-133865
db:VULMONid:CVE-2018-3834
db:JVNDBid:JVNDB-2018-008947
db:CNNVDid:CNNVD-201808-063
db:NVDid:CVE-2018-3834

LAST UPDATE DATE
2024-11-23T22:48:35.341000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2018-14950date:2018-08-09T00:00:00
db:VULHUBid:VHN-133865date:2023-02-03T00:00:00
db:VULMONid:CVE-2018-3834date:2023-02-03T00:00:00
db:JVNDBid:JVNDB-2018-008947date:2018-11-02T00:00:00
db:CNNVDid:CNNVD-201808-063date:2022-04-20T00:00:00
db:NVDid:CVE-2018-3834date:2024-11-21T04:06:08.107

SOURCES RELEASE DATE
db:CNVDid:CNVD-2018-14950date:2018-08-09T00:00:00
db:VULHUBid:VHN-133865date:2018-08-02T00:00:00
db:VULMONid:CVE-2018-3834date:2018-08-02T00:00:00
db:JVNDBid:JVNDB-2018-008947date:2018-11-02T00:00:00
db:CNNVDid:CNNVD-201808-063date:2018-08-03T00:00:00
db:NVDid:CVE-2018-3834date:2018-08-02T19:29:00.983