Details of VAR-201810-1415

ID

VAR-201810-1415

CVE

CVE-2018-5401

TITLE

Auto-Maskin DCU 210E RP 210E and Marine Pro Observer App

Trust: 0.8

sources: CERT/CC: VU#176301

DESCRIPTION

The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App transmit sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. The devices transmit process control information via unencrypted Modbus communications. Impact: An attacker can exploit this vulnerability to observe information about configurations, settings, what sensors are present and in use, and other information to aid in crafting spoofed messages. Requires access to the network. Affected releases are Auto-Maskin DCU-210E, RP-210E, and Marine Pro Observer Android App. Versions prior to 3.7 on ARMv7. Auto-Maskin RP With remote panel DCU The control unit is a product that monitors and controls the ship's engine. These products have multiple vulnerabilities related to authentication and encryption that can be accessed by an attacker and take over the engine operation of the ship. Problems with hard-coded credentials (CWE-798) - CVE-2018-5399 DCU 210E No firmware Dropbear SSH server Is included, but this is not documented. Also, SSH The username and password for the connection are hard-coded and the password is easily guessable. Insufficient validation of connection source (CWE-346) - CVE-2018-5400 The product uses a proprietary protocol that is not documented to communicate with other equipment. Modbus We are communicating, but we have not verified the validity of the connection between devices. Sensitive information is sent in clear text (CWE-319) - CVE-2018-5402 The web server included in the product is an administrator using plain text that is not encrypted. PIN Sending code. An hard-coded credentials security bypass Vulnerability. 2. A security-bypass vulnerability. 3. Multiple information disclosure vulnerabilities. Attackers may exploit these issues to gain unauthorized access to the affected application, or to bypass certain security restrictions to perform unauthorized actions, and obtain sensitive information. Auto-Maskin DCU-210E and RP-210E are engine control panels

Trust: 2.7

sources: NVD: CVE-2018-5401 // CERT/CC: VU#176301 // JVNDB: JVNDB-2018-008149 // BID: 105714 // VULHUB: VHN-135432

AFFECTED PRODUCTS

vendor:	auto maskin	model:	rp 210e	scope:	eq	version:	-	Trust: 1.0
vendor:	auto maskin	model:	dcu 210e	scope:	eq	version:	-	Trust: 1.0
vendor:	auto maskin	model:	marine pro observer	scope:	eq	version:	-	Trust: 1.0
vendor:	auto maskin as	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	auto maskin	model:	dcu 210e	scope:	-	version:	-	Trust: 0.8
vendor:	auto maskin	model:	marine pro observer	scope:	-	version:	-	Trust: 0.8
vendor:	auto maskin	model:	rp 210e	scope:	-	version:	-	Trust: 0.8
vendor:	auto maskin	model:	as marine pro observer	scope:	eq	version:	0	Trust: 0.3
vendor:	auto maskin	model:	as dcu 210e rp 210e	scope:	eq	version:	0	Trust: 0.3

sources: CERT/CC: VU#176301 // BID: 105714 // JVNDB: JVNDB-2018-008149 // NVD: CVE-2018-5401

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-5401
value:	MEDIUM
Trust: 1.0
cret@cert.org:	CVE-2018-5401
value:	CRITICAL
Trust: 1.0
CNNVD:	CNNVD-201810-261
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-135432
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2018-5401
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-135432
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-5401
baseSeverity:	MEDIUM
baseScore:	5.9
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.2
impactScore:	3.6
version:	3.0
Trust: 1.0
cret@cert.org:	CVE-2018-5401
baseSeverity:	CRITICAL
baseScore:	9.1
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	5.2
version:	3.0
Trust: 1.0

sources: VULHUB: VHN-135432 // CNNVD: CNNVD-201810-261 // NVD: CVE-2018-5401 // NVD: CVE-2018-5401

PROBLEMTYPE DATA

problemtype:	CWE-319	Trust: 1.1
problemtype:	CWE-200	Trust: 0.1

sources: VULHUB: VHN-135432 // NVD: CVE-2018-5401

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201810-261

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201810-261

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-008149

EXTERNAL IDS

db:	CERT/CC	id:	VU#176301	Trust: 3.6
db:	NVD	id:	CVE-2018-5401	Trust: 2.8
db:	ICS CERT	id:	ICSA-20-051-04	Trust: 1.7
db:	JVN	id:	JVNVU99039923	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-008149	Trust: 0.8
db:	CNNVD	id:	CNNVD-201810-261	Trust: 0.7
db:	AUSCERT	id:	ESB-2020.0648	Trust: 0.6
db:	BID	id:	105714	Trust: 0.3
db:	VULHUB	id:	VHN-135432	Trust: 0.1

sources: CERT/CC: VU#176301 // VULHUB: VHN-135432 // BID: 105714 // JVNDB: JVNDB-2018-008149 // CNNVD: CNNVD-201810-261 // NVD: CVE-2018-5401

REFERENCES

url:	https://www.kb.cert.org/vuls/id/176301	Trust: 2.8
url:	https://www.us-cert.gov/ics/advisories/icsa-20-051-04	Trust: 1.7
url:	about vulnerability notes	Trust: 0.8
url:	contact us about this vulnerability	Trust: 0.8
url:	provide a vendor statement	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5401	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5402	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5399	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5400	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu99039923/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-5399	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-5400	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-5401	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-5402	Trust: 0.8
url:	https://www.auscert.org.au/bulletins/esb-2020.0648/	Trust: 0.6
url:	https://www.auto-maskin.com/	Trust: 0.3

sources: CERT/CC: VU#176301 // VULHUB: VHN-135432 // BID: 105714 // JVNDB: JVNDB-2018-008149 // CNNVD: CNNVD-201810-261 // NVD: CVE-2018-5401

CREDITS

Brian Satira and Brian Olson

Trust: 0.3

sources: BID: 105714

SOURCES

db:	CERT/CC	id:	VU#176301
db:	VULHUB	id:	VHN-135432
db:	BID	id:	105714
db:	JVNDB	id:	JVNDB-2018-008149
db:	CNNVD	id:	CNNVD-201810-261
db:	NVD	id:	CVE-2018-5401

LAST UPDATE DATE

2024-11-23T21:38:03.660000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#176301	date:	2018-10-16T00:00:00
db:	VULHUB	id:	VHN-135432	date:	2019-10-09T00:00:00
db:	BID	id:	105714	date:	2018-10-06T00:00:00
db:	JVNDB	id:	JVNDB-2018-008149	date:	2019-08-28T00:00:00
db:	CNNVD	id:	CNNVD-201810-261	date:	2020-02-25T00:00:00
db:	NVD	id:	CVE-2018-5401	date:	2024-11-21T04:08:44.713

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#176301	date:	2018-10-06T00:00:00
db:	VULHUB	id:	VHN-135432	date:	2018-10-08T00:00:00
db:	BID	id:	105714	date:	2018-10-06T00:00:00
db:	JVNDB	id:	JVNDB-2018-008149	date:	2018-10-10T00:00:00
db:	CNNVD	id:	CNNVD-201810-261	date:	2018-10-09T00:00:00
db:	NVD	id:	CVE-2018-5401	date:	2018-10-08T15:29:02.870