Sign-up

ID

VAR-201812-1035


CVE

CVE-2018-19982


TITLE

KT MC01507L Z-Wave S0 Device validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-014361

DESCRIPTION

An issue was discovered on KT MC01507L Z-Wave S0 devices. It occurs because HPKP is not implemented. The communication architecture is APP > Server > Controller (HUB) > Node (products which are controlled by HUB). The prerequisite is that the attacker is on the same network as the target HUB, and can use IP Changer to change destination IP addresses (of all packets whose destination IP address is Server) to a proxy-server IP address. This allows sniffing of cleartext between Server and Controller. The cleartext command data is transmitted to Controller using the proxy server's fake certificate, and it is able to control each Node of the HUB. Also, by operating HUB in Z-Wave Pairing Mode, it is possible to obtain the Z-Wave network key. There is a security vulnerability in KT MC01507L Z-Wave S0, which is caused by the program not enabling the HPKP mechanism. A local attacker could exploit this vulnerability to sniff the plaintext between the server and the controller and obtain the Z-Wave network key

Trust: 1.71

sources: NVD: CVE-2018-19982 // JVNDB: JVNDB-2018-014361 // VULHUB: VHN-130696

AFFECTED PRODUCTS

vendor:powermanagermodel:kt mc01507l z-wave s0scope:eqversion: -

Trust: 1.0

vendor:z wave alliancemodel:kt mc01507l z-wave s0scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2018-014361 // NVD: CVE-2018-19982

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-19982
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-19982
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201812-336
value: LOW

Trust: 0.6

VULHUB: VHN-130696
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2018-19982
severity: LOW
baseScore: 2.9
vectorString: AV:A/AC:M/AU:N/C:P/I:N/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 5.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-130696
severity: LOW
baseScore: 2.9
vectorString: AV:A/AC:M/AU:N/C:P/I:N/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 5.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-19982
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: ADJACENT
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.6
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-130696 // JVNDB: JVNDB-2018-014361 // CNNVD: CNNVD-201812-336 // NVD: CVE-2018-19982

PROBLEMTYPE DATA

problemtype:CWE-295

Trust: 1.9

sources: VULHUB: VHN-130696 // JVNDB: JVNDB-2018-014361 // NVD: CVE-2018-19982

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201812-336

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201812-336

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-014361

PATCH
title:Top Pageurl:https://products.z-wavealliance.org/regions
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2018-014361

EXTERNAL IDS
db:NVDid:CVE-2018-19982
Trust: 2.5
db:JVNDBid:JVNDB-2018-014361
Trust: 0.8
db:CNNVDid:CNNVD-201812-336
Trust: 0.7
db:VULHUBid:VHN-130696
Trust: 0.1
sources:
            
            
            VULHUB: VHN-130696 // 
            
            
            
            JVNDB: JVNDB-2018-014361 // 
            
            
            
            CNNVD: CNNVD-201812-336 // 
            
            
            
            NVD: CVE-2018-19982

REFERENCES
url:https://github.com/min1233/cve/blob/master/1
Trust: 2.5
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19982
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-19982
Trust: 0.8
sources:
            
            
            VULHUB: VHN-130696 // 
            
            
            
            JVNDB: JVNDB-2018-014361 // 
            
            
            
            CNNVD: CNNVD-201812-336 // 
            
            
            
            NVD: CVE-2018-19982

SOURCES
db:VULHUBid:VHN-130696
db:JVNDBid:JVNDB-2018-014361
db:CNNVDid:CNNVD-201812-336
db:NVDid:CVE-2018-19982

LAST UPDATE DATE
2024-11-23T22:41:38.201000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-130696date:2019-02-06T00:00:00
db:JVNDBid:JVNDB-2018-014361date:2019-03-19T00:00:00
db:CNNVDid:CNNVD-201812-336date:2019-02-13T00:00:00
db:NVDid:CVE-2018-19982date:2024-11-21T03:58:56.233

SOURCES RELEASE DATE
db:VULHUBid:VHN-130696date:2018-12-09T00:00:00
db:JVNDBid:JVNDB-2018-014361date:2019-03-19T00:00:00
db:CNNVDid:CNNVD-201812-336date:2018-12-10T00:00:00
db:NVDid:CVE-2018-19982date:2018-12-09T19:29:00.483