Sign-up

ID

VAR-201903-0908


CVE

CVE-2017-16255


TITLE

Insteon Hub Firmware buffer error vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-014407

DESCRIPTION

An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can send an authenticated HTTP request at At 0x9d014e84 the value for the cmd1 key is copied using strcpy to the buffer at $sp+0x280. This buffer is 16 bytes large. InsteonHub is an Insteon central controller from Insteon, USA. This product can remotely control light bulbs, wall switches, air conditioners, etc. in the home

Trust: 2.25

sources: NVD: CVE-2017-16255 // JVNDB: JVNDB-2017-014407 // CNVD: CNVD-2019-13142 // VULHUB: VHN-107159

IOT TAXONOMY

category:['ICS', 'Network device']sub_category:Gateway / Hub: Open Ecosystem

Trust: 0.6

category:['home & office device']sub_category:smart home device

Trust: 0.1

category:['home & office device']sub_category:smart home controller

Trust: 0.1

sources: OTHER: None // CNVD: CNVD-2019-13142

AFFECTED PRODUCTS

vendor:insteonmodel:hubscope:eqversion:1012

Trust: 2.4

sources: CNVD: CNVD-2019-13142 // JVNDB: JVNDB-2017-014407 // NVD: CVE-2017-16255

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-16255
value: HIGH

Trust: 1.0

talos-cna@cisco.com: CVE-2017-16255
value: HIGH

Trust: 1.0

NVD: CVE-2017-16255
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2019-13142
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201711-177
value: HIGH

Trust: 0.6

VULHUB: VHN-107159
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-16255
severity: MEDIUM
baseScore: 5.5
vectorString: AV:N/AC:L/AU:S/C:N/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2019-13142
severity: MEDIUM
baseScore: 5.5
vectorString: AV:N/AC:L/AU:S/C:N/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-107159
severity: MEDIUM
baseScore: 5.5
vectorString: AV:N/AC:L/AU:S/C:N/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-16255
baseSeverity: HIGH
baseScore: 8.1
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.2
version: 3.1

Trust: 1.0

talos-cna@cisco.com: CVE-2017-16255
baseSeverity: HIGH
baseScore: 8.5
vectorString: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 6.0
version: 3.0

Trust: 1.0

NVD: CVE-2017-16255
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2019-13142 // VULHUB: VHN-107159 // JVNDB: JVNDB-2017-014407 // CNNVD: CNNVD-201711-177 // NVD: CVE-2017-16255 // NVD: CVE-2017-16255

PROBLEMTYPE DATA

problemtype:CWE-120

Trust: 1.1

problemtype:CWE-119

Trust: 0.9

sources: VULHUB: VHN-107159 // JVNDB: JVNDB-2017-014407 // NVD: CVE-2017-16255

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201711-177

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201711-177

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-014407

PATCH
title:Insteon Huburl:https://www.insteon.com/insteon-hub
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2017-014407

EXTERNAL IDS
db:NVDid:CVE-2017-16255
Trust: 3.2
db:TALOSid:TALOS-2017-0483
Trust: 3.1
db:JVNDBid:JVNDB-2017-014407
Trust: 0.8
db:CNNVDid:CNNVD-201711-177
Trust: 0.7
db:CNVDid:CNVD-2019-13142
Trust: 0.6
db:OTHERid:NONE
Trust: 0.1
db:VULHUBid:VHN-107159
Trust: 0.1
sources:
            
            
            OTHER: None // 
            
            
            
            CNVD: CNVD-2019-13142 // 
            
            
            
            VULHUB: VHN-107159 // 
            
            
            
            JVNDB: JVNDB-2017-014407 // 
            
            
            
            CNNVD: CNNVD-201711-177 // 
            
            
            
            NVD: CVE-2017-16255

REFERENCES
url:https://talosintelligence.com/vulnerability_reports/talos-2017-0483
Trust: 3.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-16255
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-16255
Trust: 0.8
url:https://www.talosintelligence.com/vulnerability_reports/talos-2017-0483
Trust: 0.6
url:https://ieeexplore.ieee.org/abstract/document/10769424
Trust: 0.1
sources:
            
            
            OTHER: None // 
            
            
            
            CNVD: CNVD-2019-13142 // 
            
            
            
            VULHUB: VHN-107159 // 
            
            
            
            JVNDB: JVNDB-2017-014407 // 
            
            
            
            CNNVD: CNNVD-201711-177 // 
            
            
            
            NVD: CVE-2017-16255

CREDITS
Discovered by Claudio Bozzato of Cisco Talos.
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201711-177

SOURCES
db:OTHERid: - 
db:CNVDid:CNVD-2019-13142
db:VULHUBid:VHN-107159
db:JVNDBid:JVNDB-2017-014407
db:CNNVDid:CNNVD-201711-177
db:NVDid:CVE-2017-16255

LAST UPDATE DATE
2025-01-30T21:10:13.336000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2019-13142date:2019-05-07T00:00:00
db:VULHUBid:VHN-107159date:2022-12-09T00:00:00
db:JVNDBid:JVNDB-2017-014407date:2019-04-26T00:00:00
db:CNNVDid:CNNVD-201711-177date:2022-12-12T00:00:00
db:NVDid:CVE-2017-16255date:2024-11-21T03:16:07.210

SOURCES RELEASE DATE
db:CNVDid:CNVD-2019-13142date:2019-05-07T00:00:00
db:VULHUBid:VHN-107159date:2019-03-21T00:00:00
db:JVNDBid:JVNDB-2017-014407date:2019-04-26T00:00:00
db:CNNVDid:CNNVD-201711-177date:2017-10-31T00:00:00
db:NVDid:CVE-2017-16255date:2019-03-21T17:29:00.303