ID

VAR-201809-0087


CVE

CVE-2018-10602


TITLE

WECON LeviStudio Buffer error vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-010418

DESCRIPTION

WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vulnerabilities that can be exploited when the application processes specially crafted project files. WECON LeviStudio Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wecon LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the UserMgr.xml file. When parsing the GroupList ID element, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of Administrator. WECON LeviStudio is a set of human interface programming software from WECON, China

Trust: 11.16

sources: NVD: CVE-2018-10602 // JVNDB: JVNDB-2018-010418 // ZDI: ZDI-18-824 // ZDI: ZDI-18-871 // ZDI: ZDI-18-991 // ZDI: ZDI-18-801 // ZDI: ZDI-18-821 // ZDI: ZDI-18-831 // ZDI: ZDI-18-851 // ZDI: ZDI-18-861 // ZDI: ZDI-18-811 // ZDI: ZDI-18-841 // ZDI: ZDI-18-791 // ZDI: ZDI-18-850 // ZDI: ZDI-18-805 // ZDI: ZDI-18-828 // CNVD: CNVD-2018-14455 // IVD: e2f727b1-39ab-11e9-8ff0-000c29342cb1

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: e2f727b1-39ab-11e9-8ff0-000c29342cb1 // CNVD: CNVD-2018-14455

AFFECTED PRODUCTS

vendor:weconmodel:levistudiouscope: - version: -

Trust: 9.8

vendor:we conmodel:levistudiouscope:eqversion:1.8.44

Trust: 1.6

vendor:we conmodel:levistudiouscope:eqversion:1.8.29

Trust: 1.6

vendor:weconmodel:levistudiouscope:eqversion:1.8.29

Trust: 1.4

vendor:weconmodel:levistudiouscope:eqversion:1.8.44

Trust: 1.4

vendor:levistudioumodel: - scope:eqversion:1.8.29

Trust: 0.2

vendor:levistudioumodel: - scope:eqversion:1.8.44

Trust: 0.2

sources: IVD: e2f727b1-39ab-11e9-8ff0-000c29342cb1 // ZDI: ZDI-18-824 // ZDI: ZDI-18-828 // ZDI: ZDI-18-805 // ZDI: ZDI-18-850 // ZDI: ZDI-18-791 // ZDI: ZDI-18-841 // ZDI: ZDI-18-811 // ZDI: ZDI-18-861 // ZDI: ZDI-18-851 // ZDI: ZDI-18-831 // ZDI: ZDI-18-821 // ZDI: ZDI-18-801 // ZDI: ZDI-18-991 // ZDI: ZDI-18-871 // CNVD: CNVD-2018-14455 // JVNDB: JVNDB-2018-010418 // CNNVD: CNNVD-201808-310 // NVD: CVE-2018-10602

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI: CVE-2018-10602
value: HIGH

Trust: 9.8

nvd@nist.gov: CVE-2018-10602
value: HIGH

Trust: 1.0

NVD: CVE-2018-10602
value: HIGH

Trust: 0.8

CNVD: CNVD-2018-14455
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201808-310
value: HIGH

Trust: 0.6

IVD: e2f727b1-39ab-11e9-8ff0-000c29342cb1
value: HIGH

Trust: 0.2

nvd@nist.gov: CVE-2018-10602
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 11.6

CNVD: CNVD-2018-14455
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: e2f727b1-39ab-11e9-8ff0-000c29342cb1
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

nvd@nist.gov: CVE-2018-10602
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2018-10602
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: IVD: e2f727b1-39ab-11e9-8ff0-000c29342cb1 // ZDI: ZDI-18-824 // ZDI: ZDI-18-828 // ZDI: ZDI-18-805 // ZDI: ZDI-18-850 // ZDI: ZDI-18-791 // ZDI: ZDI-18-841 // ZDI: ZDI-18-811 // ZDI: ZDI-18-861 // ZDI: ZDI-18-851 // ZDI: ZDI-18-831 // ZDI: ZDI-18-821 // ZDI: ZDI-18-801 // ZDI: ZDI-18-991 // ZDI: ZDI-18-871 // CNVD: CNVD-2018-14455 // JVNDB: JVNDB-2018-010418 // CNNVD: CNNVD-201808-310 // NVD: CVE-2018-10602

PROBLEMTYPE DATA

problemtype:CWE-121

Trust: 1.0

problemtype:CWE-787

Trust: 1.0

problemtype:CWE-119

Trust: 0.8

sources: JVNDB: JVNDB-2018-010418 // NVD: CVE-2018-10602

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201808-310

TYPE

Buffer error

Trust: 0.8

sources: IVD: e2f727b1-39ab-11e9-8ff0-000c29342cb1 // CNNVD: CNNVD-201808-310

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-010418

PATCH

title:Wecon has issued an update to correct this vulnerability. This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 120 day deadline.03/07/18 - ZDI disclosed the report to ICS-CERT03/12/18 - ICS-CERT assigned ICS‑VU‑031741 and notified ZDI07/06/18 - ZDI inquired the status of ICS‑VU‑03174107/09/18 - ICS-CERT replied that they would advise the vendor07/19/18 - ZDI advised ICS-CERT of the intended 0-day date: 07/26/2018-- Mitigation:Given the nature of the vulnerability the only salient mitigation strategy is to restrict interaction with the application to trusted files.url:https://ics-cert.us-cert.gov/advisories/ICSA-18-212-03

Trust: 9.8

title:Top Pageurl:http://www.we-con.com.cn/en/index.aspx

Trust: 0.8

title:WECON (wei control) LeviStudioU stack heap buffer overflow vulnerability patchurl:https://www.cnvd.org.cn/patchInfo/show/136079

Trust: 0.6

sources: ZDI: ZDI-18-824 // ZDI: ZDI-18-828 // ZDI: ZDI-18-805 // ZDI: ZDI-18-850 // ZDI: ZDI-18-791 // ZDI: ZDI-18-841 // ZDI: ZDI-18-811 // ZDI: ZDI-18-861 // ZDI: ZDI-18-851 // ZDI: ZDI-18-831 // ZDI: ZDI-18-821 // ZDI: ZDI-18-801 // ZDI: ZDI-18-991 // ZDI: ZDI-18-871 // CNVD: CNVD-2018-14455 // JVNDB: JVNDB-2018-010418

EXTERNAL IDS

db:NVDid:CVE-2018-10602

Trust: 13.0

db:ICS CERTid:ICSA-18-212-03

Trust: 3.0

db:BIDid:104935

Trust: 1.6

db:CNVDid:CNVD-2018-14455

Trust: 0.8

db:CNNVDid:CNNVD-201808-310

Trust: 0.8

db:JVNDBid:JVNDB-2018-010418

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-5905

Trust: 0.7

db:ZDIid:ZDI-18-824

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5909

Trust: 0.7

db:ZDIid:ZDI-18-828

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5870

Trust: 0.7

db:ZDIid:ZDI-18-805

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5931

Trust: 0.7

db:ZDIid:ZDI-18-850

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5794

Trust: 0.7

db:ZDIid:ZDI-18-791

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5922

Trust: 0.7

db:ZDIid:ZDI-18-841

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5865

Trust: 0.7

db:ZDIid:ZDI-18-811

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5942

Trust: 0.7

db:ZDIid:ZDI-18-861

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5932

Trust: 0.7

db:ZDIid:ZDI-18-851

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5912

Trust: 0.7

db:ZDIid:ZDI-18-831

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5902

Trust: 0.7

db:ZDIid:ZDI-18-821

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5805

Trust: 0.7

db:ZDIid:ZDI-18-801

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-6056

Trust: 0.7

db:ZDIid:ZDI-18-991

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5971

Trust: 0.7

db:ZDIid:ZDI-18-871

Trust: 0.7

db:IVDid:E2F727B1-39AB-11E9-8FF0-000C29342CB1

Trust: 0.2

sources: IVD: e2f727b1-39ab-11e9-8ff0-000c29342cb1 // ZDI: ZDI-18-824 // ZDI: ZDI-18-828 // ZDI: ZDI-18-805 // ZDI: ZDI-18-850 // ZDI: ZDI-18-791 // ZDI: ZDI-18-841 // ZDI: ZDI-18-811 // ZDI: ZDI-18-861 // ZDI: ZDI-18-851 // ZDI: ZDI-18-831 // ZDI: ZDI-18-821 // ZDI: ZDI-18-801 // ZDI: ZDI-18-991 // ZDI: ZDI-18-871 // CNVD: CNVD-2018-14455 // JVNDB: JVNDB-2018-010418 // CNNVD: CNNVD-201808-310 // NVD: CVE-2018-10602

REFERENCES

url:https://ics-cert.us-cert.gov/advisories/icsa-18-212-03

Trust: 12.8

url:http://www.securityfocus.com/bid/104935

Trust: 1.6

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-10602

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-10602

Trust: 0.8

sources: ZDI: ZDI-18-824 // ZDI: ZDI-18-828 // ZDI: ZDI-18-805 // ZDI: ZDI-18-850 // ZDI: ZDI-18-791 // ZDI: ZDI-18-841 // ZDI: ZDI-18-811 // ZDI: ZDI-18-861 // ZDI: ZDI-18-851 // ZDI: ZDI-18-831 // ZDI: ZDI-18-821 // ZDI: ZDI-18-801 // ZDI: ZDI-18-991 // ZDI: ZDI-18-871 // CNVD: CNVD-2018-14455 // JVNDB: JVNDB-2018-010418 // CNNVD: CNNVD-201808-310 // NVD: CVE-2018-10602

CREDITS

Mat Powell of Trend Micro Zero Day Initiative

Trust: 9.1

sources: ZDI: ZDI-18-824 // ZDI: ZDI-18-828 // ZDI: ZDI-18-805 // ZDI: ZDI-18-850 // ZDI: ZDI-18-791 // ZDI: ZDI-18-841 // ZDI: ZDI-18-811 // ZDI: ZDI-18-861 // ZDI: ZDI-18-851 // ZDI: ZDI-18-831 // ZDI: ZDI-18-821 // ZDI: ZDI-18-991 // ZDI: ZDI-18-871

SOURCES

db:IVDid:e2f727b1-39ab-11e9-8ff0-000c29342cb1
db:ZDIid:ZDI-18-824
db:ZDIid:ZDI-18-828
db:ZDIid:ZDI-18-805
db:ZDIid:ZDI-18-850
db:ZDIid:ZDI-18-791
db:ZDIid:ZDI-18-841
db:ZDIid:ZDI-18-811
db:ZDIid:ZDI-18-861
db:ZDIid:ZDI-18-851
db:ZDIid:ZDI-18-831
db:ZDIid:ZDI-18-821
db:ZDIid:ZDI-18-801
db:ZDIid:ZDI-18-991
db:ZDIid:ZDI-18-871
db:CNVDid:CNVD-2018-14455
db:JVNDBid:JVNDB-2018-010418
db:CNNVDid:CNNVD-201808-310
db:NVDid:CVE-2018-10602

LAST UPDATE DATE

2024-12-06T12:47:17.894000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-18-824date:2018-08-02T00:00:00
db:ZDIid:ZDI-18-828date:2018-08-02T00:00:00
db:ZDIid:ZDI-18-805date:2018-08-02T00:00:00
db:ZDIid:ZDI-18-850date:2018-08-02T00:00:00
db:ZDIid:ZDI-18-791date:2018-08-02T00:00:00
db:ZDIid:ZDI-18-841date:2018-08-02T00:00:00
db:ZDIid:ZDI-18-811date:2018-08-02T00:00:00
db:ZDIid:ZDI-18-861date:2018-08-02T00:00:00
db:ZDIid:ZDI-18-851date:2018-08-02T00:00:00
db:ZDIid:ZDI-18-831date:2018-08-02T00:00:00
db:ZDIid:ZDI-18-821date:2018-08-02T00:00:00
db:ZDIid:ZDI-18-801date:2018-08-02T00:00:00
db:ZDIid:ZDI-18-991date:2018-09-05T00:00:00
db:ZDIid:ZDI-18-871date:2018-08-02T00:00:00
db:CNVDid:CNVD-2018-14455date:2018-08-02T00:00:00
db:JVNDBid:JVNDB-2018-010418date:2018-12-13T00:00:00
db:CNNVDid:CNNVD-201808-310date:2019-10-17T00:00:00
db:NVDid:CVE-2018-10602date:2024-11-21T03:41:38.663

SOURCES RELEASE DATE

db:IVDid:e2f727b1-39ab-11e9-8ff0-000c29342cb1date:2018-08-02T00:00:00
db:ZDIid:ZDI-18-824date:2018-07-26T00:00:00
db:ZDIid:ZDI-18-828date:2018-07-26T00:00:00
db:ZDIid:ZDI-18-805date:2018-07-26T00:00:00
db:ZDIid:ZDI-18-850date:2018-07-26T00:00:00
db:ZDIid:ZDI-18-791date:2018-07-26T00:00:00
db:ZDIid:ZDI-18-841date:2018-07-26T00:00:00
db:ZDIid:ZDI-18-811date:2018-07-26T00:00:00
db:ZDIid:ZDI-18-861date:2018-07-26T00:00:00
db:ZDIid:ZDI-18-851date:2018-07-26T00:00:00
db:ZDIid:ZDI-18-831date:2018-08-02T00:00:00
db:ZDIid:ZDI-18-821date:2018-07-26T00:00:00
db:ZDIid:ZDI-18-801date:2018-07-26T00:00:00
db:ZDIid:ZDI-18-991date:2018-09-05T00:00:00
db:ZDIid:ZDI-18-871date:2018-07-26T00:00:00
db:CNVDid:CNVD-2018-14455date:2018-08-02T00:00:00
db:JVNDBid:JVNDB-2018-010418date:2018-12-13T00:00:00
db:CNNVDid:CNNVD-201808-310date:2018-08-13T00:00:00
db:NVDid:CVE-2018-10602date:2018-09-26T18:29:00.323