Details of VAR-201809-0160

ID

VAR-201809-0160

CVE

CVE-2018-14827

TITLE

Rockwell Automation RSLinx Classic Vulnerabilities related to resource exhaustion

Trust: 0.8

sources: JVNDB: JVNDB-2018-010788

DESCRIPTION

Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. A remote, unauthenticated threat actor may intentionally send specially crafted Ethernet/IP packets to Port 44818, causing the software application to stop responding and crash. The user must restart the software to regain functionality. The solution supports access to Rockwell Software and Allen-Bradley applications via Allen-Bradley programmable controllers. A stack-based buffer-overflow vulnerability. 2. A heap-based buffer-overflow vulnerability. 3. A denial-of-service vulnerability. Attackers can exploit these issues to execute arbitrary code, obtain sensitive information or cause the affected application to crash

Trust: 2.7

sources: NVD: CVE-2018-14827 // JVNDB: JVNDB-2018-010788 // CNVD: CNVD-2019-09766 // BID: 108501 // IVD: 5b48244a-d5d3-4be0-aa54-a054132fcf9e // VULHUB: VHN-125025

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: 5b48244a-d5d3-4be0-aa54-a054132fcf9e // CNVD: CNVD-2019-09766

AFFECTED PRODUCTS

vendor:	rockwellautomation	model:	rslinx	scope:	lte	version:	4.00.01	Trust: 1.0
vendor:	rockwell automation	model:	rslinx classic	scope:	lte	version:	4.00.01	Trust: 0.8
vendor:	rockwall	model:	automation rslinx classic	scope:	lte	version:	<=4.00.01	Trust: 0.6
vendor:	rockwellautomation	model:	rslinx	scope:	eq	version:	4.00.01	Trust: 0.6
vendor:	rockwell	model:	automation rslinx classic	scope:	eq	version:	4.00.01	Trust: 0.3
vendor:	rockwell	model:	automation rslinx classic	scope:	eq	version:	3.90.01	Trust: 0.3
vendor:	rockwell	model:	automation rslinx classic	scope:	eq	version:	3.73.00	Trust: 0.3
vendor:	rockwell	model:	automation rslinx classic	scope:	eq	version:	3.72.00	Trust: 0.3
vendor:	rockwell	model:	automation rslinx classic	scope:	eq	version:	1.0.5.1	Trust: 0.3
vendor:	rslinx	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: 5b48244a-d5d3-4be0-aa54-a054132fcf9e // CNVD: CNVD-2019-09766 // BID: 108501 // JVNDB: JVNDB-2018-010788 // CNNVD: CNNVD-201809-949 // NVD: CVE-2018-14827

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-14827
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-14827
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2019-09766
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201809-949
value:	HIGH
Trust: 0.6
IVD:	5b48244a-d5d3-4be0-aa54-a054132fcf9e
value:	HIGH
Trust: 0.2
VULHUB:	VHN-125025
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2018-14827
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2019-09766
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	5b48244a-d5d3-4be0-aa54-a054132fcf9e
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-125025
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-14827
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: IVD: 5b48244a-d5d3-4be0-aa54-a054132fcf9e // CNVD: CNVD-2019-09766 // VULHUB: VHN-125025 // JVNDB: JVNDB-2018-010788 // CNNVD: CNNVD-201809-949 // NVD: CVE-2018-14827

PROBLEMTYPE DATA

problemtype:

CWE-400

Trust: 1.9

sources: VULHUB: VHN-125025 // JVNDB: JVNDB-2018-010788 // NVD: CVE-2018-14827

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201809-949

TYPE

Resource management error

Trust: 0.8

sources: IVD: 5b48244a-d5d3-4be0-aa54-a054132fcf9e // CNNVD: CNNVD-201809-949

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-010788

PATCH

title:	RSLinx	url:	https://www.rockwellautomation.com/rockwellsoftware/products/rslinx.page	Trust: 0.8
title:	Patch for Rockwell Automation RSLinx Classic Denial of Service Vulnerability (CNVD-2019-09766)	url:	https://www.cnvd.org.cn/patchInfo/show/158513	Trust: 0.6
title:	Rockwell Automation RSLinx Classic Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85064	Trust: 0.6

sources: CNVD: CNVD-2019-09766 // JVNDB: JVNDB-2018-010788 // CNNVD: CNNVD-201809-949

EXTERNAL IDS

db:	NVD	id:	CVE-2018-14827	Trust: 3.6
db:	ICS CERT	id:	ICSA-18-263-02	Trust: 2.8
db:	CNNVD	id:	CNNVD-201809-949	Trust: 0.9
db:	CNVD	id:	CNVD-2019-09766	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-010788	Trust: 0.8
db:	BID	id:	108501	Trust: 0.3
db:	IVD	id:	5B48244A-D5D3-4BE0-AA54-A054132FCF9E	Trust: 0.2
db:	VULHUB	id:	VHN-125025	Trust: 0.1

sources: IVD: 5b48244a-d5d3-4be0-aa54-a054132fcf9e // CNVD: CNVD-2019-09766 // VULHUB: VHN-125025 // BID: 108501 // JVNDB: JVNDB-2018-010788 // CNNVD: CNNVD-201809-949 // NVD: CVE-2018-14827

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-18-263-02	Trust: 2.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-14827	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-14827	Trust: 0.8
url:	https://www.rockwellautomation.com/en_in/overview.page	Trust: 0.3

sources: CNVD: CNVD-2019-09766 // VULHUB: VHN-125025 // BID: 108501 // JVNDB: JVNDB-2018-010788 // CNNVD: CNNVD-201809-949 // NVD: CVE-2018-14827

CREDITS

Tenable and Younes Dragoni and Alessandro Di Pinto of Nozomi Networks

Trust: 0.3

sources: BID: 108501

SOURCES

db:	IVD	id:	5b48244a-d5d3-4be0-aa54-a054132fcf9e
db:	CNVD	id:	CNVD-2019-09766
db:	VULHUB	id:	VHN-125025
db:	BID	id:	108501
db:	JVNDB	id:	JVNDB-2018-010788
db:	CNNVD	id:	CNNVD-201809-949
db:	NVD	id:	CVE-2018-14827

LAST UPDATE DATE

2024-11-23T21:52:50.693000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2019-09766	date:	2019-04-12T00:00:00
db:	VULHUB	id:	VHN-125025	date:	2019-10-09T00:00:00
db:	BID	id:	108501	date:	2018-09-20T00:00:00
db:	JVNDB	id:	JVNDB-2018-010788	date:	2018-12-21T00:00:00
db:	CNNVD	id:	CNNVD-201809-949	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-14827	date:	2024-11-21T03:49:52.867

SOURCES RELEASE DATE

db:	IVD	id:	5b48244a-d5d3-4be0-aa54-a054132fcf9e	date:	2019-04-12T00:00:00
db:	CNVD	id:	CNVD-2019-09766	date:	2019-04-12T00:00:00
db:	VULHUB	id:	VHN-125025	date:	2018-09-20T00:00:00
db:	BID	id:	108501	date:	2018-09-20T00:00:00
db:	JVNDB	id:	JVNDB-2018-010788	date:	2018-12-21T00:00:00
db:	CNNVD	id:	CNNVD-201809-949	date:	2018-09-21T00:00:00
db:	NVD	id:	CVE-2018-14827	date:	2018-09-20T19:29:00.580