Details of VAR-201810-0388

ID

VAR-201810-0388

CVE

CVE-2018-14800

TITLE

Delta Electronics ISPSoft Buffer Overflow Vulnerability

Trust: 0.8

sources: IVD: a0ad6541-a14b-4dea-a482-1e6b57c9edc0 // CNVD: CNVD-2019-32234

DESCRIPTION

Delta Electronics ISPSoft version 3.0.5 and prior allow an attacker, by opening a crafted file, to cause the application to read past the boundary allocated to a stack object, which could allow execution of code under the context of the application. Delta Electronics ISPSoft Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation ISPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of fields in DVP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Delta Electronics ISPSoft is a new generation of Delta PLC programming software from Delta Electronics. A failed attack can result in a denial of service. Failed exploit attempts will likely cause a denial-of-service condition

Trust: 3.24

sources: NVD: CVE-2018-14800 // JVNDB: JVNDB-2018-011166 // ZDI: ZDI-18-1139 // CNVD: CNVD-2019-32234 // BID: 105485 // IVD: a0ad6541-a14b-4dea-a482-1e6b57c9edc0

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: a0ad6541-a14b-4dea-a482-1e6b57c9edc0 // CNVD: CNVD-2019-32234

AFFECTED PRODUCTS

vendor:	deltaww	model:	ispsoft	scope:	lte	version:	3.0.5	Trust: 1.0
vendor:	delta	model:	ispsoft	scope:	lte	version:	3.0.5	Trust: 0.8
vendor:	delta industrial automation	model:	ispsoft	scope:	-	version:	-	Trust: 0.7
vendor:	delta	model:	electronics ispsoft	scope:	lte	version:	<=3.0.5	Trust: 0.6
vendor:	deltaww	model:	ispsoft	scope:	eq	version:	3.05	Trust: 0.6
vendor:	delta	model:	electronics inc ispsoft	scope:	eq	version:	3.0.5	Trust: 0.3
vendor:	delta	model:	electronics inc ispsoft	scope:	eq	version:	3.02.11	Trust: 0.3
vendor:	delta	model:	electronics inc ispsoft	scope:	eq	version:	3.0	Trust: 0.3
vendor:	delta	model:	electronics inc ispsoft	scope:	ne	version:	3.0.6	Trust: 0.3
vendor:	ispsoft	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: a0ad6541-a14b-4dea-a482-1e6b57c9edc0 // ZDI: ZDI-18-1139 // CNVD: CNVD-2019-32234 // BID: 105485 // JVNDB: JVNDB-2018-011166 // CNNVD: CNNVD-201810-100 // NVD: CVE-2018-14800

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-14800
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-14800
value:	HIGH
Trust: 0.8
ZDI:	CVE-2018-14800
value:	MEDIUM
Trust: 0.7
CNVD:	CNVD-2019-32234
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201810-100
value:	HIGH
Trust: 0.6
IVD:	a0ad6541-a14b-4dea-a482-1e6b57c9edc0
value:	HIGH
Trust: 0.2

nvd@nist.gov:	CVE-2018-14800
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 2.5
CNVD:	CNVD-2019-32234
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	a0ad6541-a14b-4dea-a482-1e6b57c9edc0
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

nvd@nist.gov:	CVE-2018-14800
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: IVD: a0ad6541-a14b-4dea-a482-1e6b57c9edc0 // ZDI: ZDI-18-1139 // CNVD: CNVD-2019-32234 // JVNDB: JVNDB-2018-011166 // CNNVD: CNNVD-201810-100 // NVD: CVE-2018-14800

PROBLEMTYPE DATA

problemtype:	CWE-125	Trust: 1.8
problemtype:	CWE-121	Trust: 1.0

sources: JVNDB: JVNDB-2018-011166 // NVD: CVE-2018-14800

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201810-100

TYPE

Buffer error

Trust: 0.8

sources: IVD: a0ad6541-a14b-4dea-a482-1e6b57c9edc0 // CNNVD: CNNVD-201810-100

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-011166

PATCH

title:	Top Page	url:	http://www.deltaww.com/	Trust: 0.8
title:	Delta Industrial Automation has issued an update to correct this vulnerability.	url:	https://ics-cert.us-cert.gov/advisories/ICSA-18-275-01	Trust: 0.7
title:	Patch for Delta Electronics ISPSoft Buffer Overflow Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/181347	Trust: 0.6
title:	Delta Electronics ISPSoft Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86141	Trust: 0.6

sources: ZDI: ZDI-18-1139 // CNVD: CNVD-2019-32234 // JVNDB: JVNDB-2018-011166 // CNNVD: CNNVD-201810-100

EXTERNAL IDS

db:	NVD	id:	CVE-2018-14800	Trust: 4.2
db:	ICS CERT	id:	ICSA-18-275-01	Trust: 2.7
db:	BID	id:	105485	Trust: 2.5
db:	CNVD	id:	CNVD-2019-32234	Trust: 0.8
db:	CNNVD	id:	CNNVD-201810-100	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-011166	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-6367	Trust: 0.7
db:	ZDI	id:	ZDI-18-1139	Trust: 0.7
db:	IVD	id:	A0AD6541-A14B-4DEA-A482-1E6B57C9EDC0	Trust: 0.2

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-18-275-01	Trust: 3.4
url:	http://www.securityfocus.com/bid/105485	Trust: 2.2
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-14800	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-14800	Trust: 0.8
url:	http://www.deltaww.com/	Trust: 0.3

sources: ZDI: ZDI-18-1139 // CNVD: CNVD-2019-32234 // BID: 105485 // JVNDB: JVNDB-2018-011166 // CNNVD: CNNVD-201810-100 // NVD: CVE-2018-14800

CREDITS

Ariele Caltabiano (kimiya)

Trust: 0.7

sources: ZDI: ZDI-18-1139

SOURCES

db:	IVD	id:	a0ad6541-a14b-4dea-a482-1e6b57c9edc0
db:	ZDI	id:	ZDI-18-1139
db:	CNVD	id:	CNVD-2019-32234
db:	BID	id:	105485
db:	JVNDB	id:	JVNDB-2018-011166
db:	CNNVD	id:	CNNVD-201810-100
db:	NVD	id:	CVE-2018-14800

LAST UPDATE DATE

2024-11-23T23:02:00.584000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-18-1139	date:	2018-10-10T00:00:00
db:	CNVD	id:	CNVD-2019-32234	date:	2019-09-20T00:00:00
db:	BID	id:	105485	date:	2018-10-02T00:00:00
db:	JVNDB	id:	JVNDB-2018-011166	date:	2019-01-08T00:00:00
db:	CNNVD	id:	CNNVD-201810-100	date:	2019-08-05T00:00:00
db:	NVD	id:	CVE-2018-14800	date:	2024-11-21T03:49:49.317

SOURCES RELEASE DATE

db:	IVD	id:	a0ad6541-a14b-4dea-a482-1e6b57c9edc0	date:	2019-09-20T00:00:00
db:	ZDI	id:	ZDI-18-1139	date:	2018-10-10T00:00:00
db:	CNVD	id:	CNVD-2019-32234	date:	2019-09-20T00:00:00
db:	BID	id:	105485	date:	2018-10-02T00:00:00
db:	JVNDB	id:	JVNDB-2018-011166	date:	2019-01-08T00:00:00
db:	CNNVD	id:	CNNVD-201810-100	date:	2018-10-08T00:00:00
db:	NVD	id:	CVE-2018-14800	date:	2018-10-03T13:29:00.243