Sign-up

ID

VAR-201903-0906


CVE

CVE-2017-16253


TITLE

Insteon Hub Firmware buffer error vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-014405

DESCRIPTION

An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012 for the cc channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can send an authenticated HTTP request At 0x9d014dd8 the value for the id key is copied using strcpy to the buffer at $sp+0x290. This buffer is 32 bytes large, sending anything longer will cause a buffer overflow. InsteonHub is an Insteon central controller from Insteon, USA. This product can remotely control light bulbs, wall switches, air conditioners, etc. in the home. An attacker could exploit the vulnerability to cover any data by sending an authenticated request

Trust: 2.25

sources: NVD: CVE-2017-16253 // JVNDB: JVNDB-2017-014405 // CNVD: CNVD-2019-13144 // VULHUB: VHN-107157

IOT TAXONOMY

category:['ICS', 'Network device']sub_category:Gateway / Hub: Open Ecosystem

Trust: 0.6

category:['home & office device']sub_category:smart home device

Trust: 0.1

category:['home & office device']sub_category:smart home controller

Trust: 0.1

sources: OTHER: None // CNVD: CNVD-2019-13144

AFFECTED PRODUCTS

vendor:insteonmodel:hubscope:eqversion:1012

Trust: 2.4

sources: CNVD: CNVD-2019-13144 // JVNDB: JVNDB-2017-014405 // NVD: CVE-2017-16253

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-16253
value: HIGH

Trust: 1.0

talos-cna@cisco.com: CVE-2017-16253
value: HIGH

Trust: 1.0

NVD: CVE-2017-16253
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2019-13144
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201711-175
value: HIGH

Trust: 0.6

VULHUB: VHN-107157
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-16253
severity: MEDIUM
baseScore: 5.5
vectorString: AV:N/AC:L/AU:S/C:N/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2019-13144
severity: MEDIUM
baseScore: 5.5
vectorString: AV:N/AC:L/AU:S/C:N/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-107157
severity: MEDIUM
baseScore: 5.5
vectorString: AV:N/AC:L/AU:S/C:N/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-16253
baseSeverity: HIGH
baseScore: 8.1
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.2
version: 3.1

Trust: 1.0

talos-cna@cisco.com: CVE-2017-16253
baseSeverity: HIGH
baseScore: 8.5
vectorString: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 6.0
version: 3.0

Trust: 1.0

NVD: CVE-2017-16253
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2019-13144 // VULHUB: VHN-107157 // JVNDB: JVNDB-2017-014405 // CNNVD: CNNVD-201711-175 // NVD: CVE-2017-16253 // NVD: CVE-2017-16253

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.1

problemtype:CWE-119

Trust: 0.9

sources: VULHUB: VHN-107157 // JVNDB: JVNDB-2017-014405 // NVD: CVE-2017-16253

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201711-175

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201711-175

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-014405

PATCH
title:Insteon Huburl:https://www.insteon.com/insteon-hub
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2017-014405

EXTERNAL IDS
db:NVDid:CVE-2017-16253
Trust: 3.2
db:TALOSid:TALOS-2017-0483
Trust: 3.1
db:JVNDBid:JVNDB-2017-014405
Trust: 0.8
db:CNNVDid:CNNVD-201711-175
Trust: 0.7
db:CNVDid:CNVD-2019-13144
Trust: 0.6
db:OTHERid:NONE
Trust: 0.1
db:VULHUBid:VHN-107157
Trust: 0.1
sources:
            
            
            OTHER: None // 
            
            
            
            CNVD: CNVD-2019-13144 // 
            
            
            
            VULHUB: VHN-107157 // 
            
            
            
            JVNDB: JVNDB-2017-014405 // 
            
            
            
            CNNVD: CNNVD-201711-175 // 
            
            
            
            NVD: CVE-2017-16253

REFERENCES
url:https://talosintelligence.com/vulnerability_reports/talos-2017-0483
Trust: 3.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-16253
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-16253
Trust: 0.8
url:https://www.talosintelligence.com/vulnerability_reports/talos-2017-0483
Trust: 0.6
url:https://ieeexplore.ieee.org/abstract/document/10769424
Trust: 0.1
sources:
            
            
            OTHER: None // 
            
            
            
            CNVD: CNVD-2019-13144 // 
            
            
            
            VULHUB: VHN-107157 // 
            
            
            
            JVNDB: JVNDB-2017-014405 // 
            
            
            
            CNNVD: CNNVD-201711-175 // 
            
            
            
            NVD: CVE-2017-16253

CREDITS
Discovered by Claudio Bozzato of Cisco Talos.
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201711-175

SOURCES
db:OTHERid: - 
db:CNVDid:CNVD-2019-13144
db:VULHUBid:VHN-107157
db:JVNDBid:JVNDB-2017-014405
db:CNNVDid:CNNVD-201711-175
db:NVDid:CVE-2017-16253

LAST UPDATE DATE
2025-01-30T19:28:42.129000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2019-13144date:2019-05-07T00:00:00
db:VULHUBid:VHN-107157date:2022-12-09T00:00:00
db:JVNDBid:JVNDB-2017-014405date:2019-04-26T00:00:00
db:CNNVDid:CNNVD-201711-175date:2022-12-12T00:00:00
db:NVDid:CVE-2017-16253date:2024-11-21T03:16:06.983

SOURCES RELEASE DATE
db:CNVDid:CNVD-2019-13144date:2019-05-07T00:00:00
db:VULHUBid:VHN-107157date:2019-03-21T00:00:00
db:JVNDBid:JVNDB-2017-014405date:2019-04-26T00:00:00
db:CNNVDid:CNNVD-201711-175date:2017-10-31T00:00:00
db:NVDid:CVE-2017-16253date:2019-03-21T17:29:00.243