Sign-up

ID

VAR-201810-0466


CVE

CVE-2018-17929


TITLE

Delta Industrial Automation TPEditor TPE File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

Trust: 2.8

sources: ZDI: ZDI-18-1238 // ZDI: ZDI-18-1240 // ZDI: ZDI-18-1236 // ZDI: ZDI-18-1241

DESCRIPTION

In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and prior, multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files lacking user input validation before copying data from project files onto the stack and may allow an attacker to remotely execute arbitrary code. Delta Industrial Automation TPEditor Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation TPEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of project files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Delta Industrial Automation TPEditor is a Windows-based Delta text panel programming software from Delta Electronics. Failed exploit attempts will likely result in denial-of-service conditions

Trust: 6.39

sources: NVD: CVE-2018-17929 // JVNDB: JVNDB-2018-013718 // ZDI: ZDI-18-1244 // ZDI: ZDI-18-1238 // ZDI: ZDI-18-1243 // ZDI: ZDI-18-1240 // ZDI: ZDI-18-1236 // ZDI: ZDI-18-1241 // CNVD: CNVD-2018-20872 // BID: 105682 // IVD: e2fd6942-39ab-11e9-a1bf-000c29342cb1

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: e2fd6942-39ab-11e9-a1bf-000c29342cb1 // CNVD: CNVD-2018-20872

AFFECTED PRODUCTS

vendor:delta industrial automationmodel:tpeditorscope: - version: -

Trust: 4.2

vendor:deltawwmodel:tpeditorscope:lteversion:1.90

Trust: 1.0

vendor:deltamodel:tpeditorscope:lteversion:1.90

Trust: 0.8

vendor:deltamodel:electronics delta industrial automation tpeditorscope:lteversion:<=1.90

Trust: 0.6

vendor:deltamodel:electronics inc delta industrial automation tpeditorscope:eqversion:1.90

Trust: 0.3

vendor:deltamodel:electronics inc delta industrial automation tpeditorscope:eqversion:1.89

Trust: 0.3

vendor:deltamodel:electronics inc delta industrial automation tpeditorscope:neversion:1.91

Trust: 0.3

vendor:tpeditormodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: e2fd6942-39ab-11e9-a1bf-000c29342cb1 // ZDI: ZDI-18-1244 // ZDI: ZDI-18-1238 // ZDI: ZDI-18-1243 // ZDI: ZDI-18-1240 // ZDI: ZDI-18-1236 // ZDI: ZDI-18-1241 // CNVD: CNVD-2018-20872 // BID: 105682 // JVNDB: JVNDB-2018-013718 // NVD: CVE-2018-17929

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI: CVE-2018-17929
value: MEDIUM

Trust: 2.8

ZDI: CVE-2018-17929
value: HIGH

Trust: 1.4

nvd@nist.gov: CVE-2018-17929
value: HIGH

Trust: 1.0

NVD: CVE-2018-17929
value: HIGH

Trust: 0.8

CNVD: CNVD-2018-20872
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201810-555
value: HIGH

Trust: 0.6

IVD: e2fd6942-39ab-11e9-a1bf-000c29342cb1
value: HIGH

Trust: 0.2

nvd@nist.gov: CVE-2018-17929
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 4.6

CNVD: CNVD-2018-20872
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: e2fd6942-39ab-11e9-a1bf-000c29342cb1
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

ZDI: CVE-2018-17929
baseSeverity: HIGH
baseScore: 7.8
vectorString: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 1.4

nvd@nist.gov: CVE-2018-17929
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2018-17929
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: IVD: e2fd6942-39ab-11e9-a1bf-000c29342cb1 // ZDI: ZDI-18-1244 // ZDI: ZDI-18-1238 // ZDI: ZDI-18-1243 // ZDI: ZDI-18-1240 // ZDI: ZDI-18-1236 // ZDI: ZDI-18-1241 // CNVD: CNVD-2018-20872 // JVNDB: JVNDB-2018-013718 // CNNVD: CNNVD-201810-555 // NVD: CVE-2018-17929

PROBLEMTYPE DATA

problemtype:CWE-121

Trust: 1.0

problemtype:CWE-787

Trust: 1.0

problemtype:CWE-119

Trust: 0.8

sources: JVNDB: JVNDB-2018-013718 // NVD: CVE-2018-17929

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201810-555

TYPE

Buffer error

Trust: 0.8

sources: IVD: e2fd6942-39ab-11e9-a1bf-000c29342cb1 // CNNVD: CNNVD-201810-555

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-013718

PATCH
title:Delta Industrial Automation has issued an update to correct this vulnerability.url:https://ics-cert.us-cert.gov/advisories/ICSA-18-284-03
Trust: 4.2
title:Top Pageurl:http://www.deltaww.com/
Trust: 0.8
title:Patch for TPEditor Stack Buffer Overflow Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/142267
Trust: 0.6
title:Delta Industrial Automation TPEditor Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85680
Trust: 0.6
sources:
            
            
            ZDI: ZDI-18-1244 // 
            
            
            
            ZDI: ZDI-18-1238 // 
            
            
            
            ZDI: ZDI-18-1243 // 
            
            
            
            ZDI: ZDI-18-1240 // 
            
            
            
            ZDI: ZDI-18-1236 // 
            
            
            
            ZDI: ZDI-18-1241 // 
            
            
            
            CNVD: CNVD-2018-20872 // 
            
            
            
            JVNDB: JVNDB-2018-013718 // 
            
            
            
            CNNVD: CNNVD-201810-555

EXTERNAL IDS
db:NVDid:CVE-2018-17929
Trust: 7.7
db:ICS CERTid:ICSA-18-284-03
Trust: 3.3
db:BIDid:105682
Trust: 1.9
db:CNVDid:CNVD-2018-20872
Trust: 0.8
db:CNNVDid:CNNVD-201810-555
Trust: 0.8
db:JVNDBid:JVNDB-2018-013718
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-6460
Trust: 0.7
db:ZDIid:ZDI-18-1244
Trust: 0.7
db:ZDI_CANid:ZDI-CAN-6442
Trust: 0.7
db:ZDIid:ZDI-18-1238
Trust: 0.7
db:ZDI_CANid:ZDI-CAN-6459
Trust: 0.7
db:ZDIid:ZDI-18-1243
Trust: 0.7
db:ZDI_CANid:ZDI-CAN-6444
Trust: 0.7
db:ZDIid:ZDI-18-1240
Trust: 0.7
db:ZDI_CANid:ZDI-CAN-6448
Trust: 0.7
db:ZDIid:ZDI-18-1236
Trust: 0.7
db:ZDI_CANid:ZDI-CAN-6445
Trust: 0.7
db:ZDIid:ZDI-18-1241
Trust: 0.7
db:IVDid:E2FD6942-39AB-11E9-A1BF-000C29342CB1
Trust: 0.2
sources:
            
            
            IVD: e2fd6942-39ab-11e9-a1bf-000c29342cb1 // 
            
            
            
            ZDI: ZDI-18-1244 // 
            
            
            
            ZDI: ZDI-18-1238 // 
            
            
            
            ZDI: ZDI-18-1243 // 
            
            
            
            ZDI: ZDI-18-1240 // 
            
            
            
            ZDI: ZDI-18-1236 // 
            
            
            
            ZDI: ZDI-18-1241 // 
            
            
            
            CNVD: CNVD-2018-20872 // 
            
            
            
            BID: 105682 // 
            
            
            
            JVNDB: JVNDB-2018-013718 // 
            
            
            
            CNNVD: CNNVD-201810-555 // 
            
            
            
            NVD: CVE-2018-17929

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-18-284-03
Trust: 7.5
url:http://www.securityfocus.com/bid/105682
Trust: 1.6
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-17929
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-17929
Trust: 0.8
url:http://www.deltaww.com/
Trust: 0.3
sources:
            
            
            ZDI: ZDI-18-1244 // 
            
            
            
            ZDI: ZDI-18-1238 // 
            
            
            
            ZDI: ZDI-18-1243 // 
            
            
            
            ZDI: ZDI-18-1240 // 
            
            
            
            ZDI: ZDI-18-1236 // 
            
            
            
            ZDI: ZDI-18-1241 // 
            
            
            
            CNVD: CNVD-2018-20872 // 
            
            
            
            BID: 105682 // 
            
            
            
            JVNDB: JVNDB-2018-013718 // 
            
            
            
            CNNVD: CNNVD-201810-555 // 
            
            
            
            NVD: CVE-2018-17929

CREDITS
Mat Powell of Trend Micro Zero Day Initiative
Trust: 3.5
sources:
            
            
            ZDI: ZDI-18-1244 // 
            
            
            
            ZDI: ZDI-18-1238 // 
            
            
            
            ZDI: ZDI-18-1243 // 
            
            
            
            ZDI: ZDI-18-1240 // 
            
            
            
            ZDI: ZDI-18-1241

SOURCES
db:IVDid:e2fd6942-39ab-11e9-a1bf-000c29342cb1
db:ZDIid:ZDI-18-1244
db:ZDIid:ZDI-18-1238
db:ZDIid:ZDI-18-1243
db:ZDIid:ZDI-18-1240
db:ZDIid:ZDI-18-1236
db:ZDIid:ZDI-18-1241
db:CNVDid:CNVD-2018-20872
db:BIDid:105682
db:JVNDBid:JVNDB-2018-013718
db:CNNVDid:CNNVD-201810-555
db:NVDid:CVE-2018-17929

LAST UPDATE DATE
2024-11-23T22:17:17.438000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-18-1244date:2018-10-16T00:00:00
db:ZDIid:ZDI-18-1238date:2018-10-15T00:00:00
db:ZDIid:ZDI-18-1243date:2018-10-16T00:00:00
db:ZDIid:ZDI-18-1240date:2018-10-15T00:00:00
db:ZDIid:ZDI-18-1236date:2018-10-15T00:00:00
db:ZDIid:ZDI-18-1241date:2018-10-15T00:00:00
db:CNVDid:CNVD-2018-20872date:2018-10-15T00:00:00
db:BIDid:105682date:2018-10-11T00:00:00
db:JVNDBid:JVNDB-2018-013718date:2019-02-28T00:00:00
db:CNNVDid:CNNVD-201810-555date:2020-09-21T00:00:00
db:NVDid:CVE-2018-17929date:2024-11-21T03:55:13.760

SOURCES RELEASE DATE
db:IVDid:e2fd6942-39ab-11e9-a1bf-000c29342cb1date:2018-10-15T00:00:00
db:ZDIid:ZDI-18-1244date:2018-10-16T00:00:00
db:ZDIid:ZDI-18-1238date:2018-10-15T00:00:00
db:ZDIid:ZDI-18-1243date:2018-10-16T00:00:00
db:ZDIid:ZDI-18-1240date:2018-10-15T00:00:00
db:ZDIid:ZDI-18-1236date:2018-10-15T00:00:00
db:ZDIid:ZDI-18-1241date:2018-10-15T00:00:00
db:CNVDid:CNVD-2018-20872date:2018-10-15T00:00:00
db:BIDid:105682date:2018-10-11T00:00:00
db:JVNDBid:JVNDB-2018-013718date:2019-02-28T00:00:00
db:CNNVDid:CNNVD-201810-555date:2018-10-12T00:00:00
db:NVDid:CVE-2018-17929date:2018-10-11T22:29:00.410