Details of VAR-201904-0142

ID

VAR-201904-0142

CVE

CVE-2019-5024

TITLE

Capsule Technologies SmartLinx Neuron 2 medical information collection Vulnerability related to input validation on devices

Trust: 0.8

sources: JVNDB: JVNDB-2019-003406

DESCRIPTION

A restricted environment escape vulnerability exists in the “kiosk mode” function of Capsule Technologies SmartLinx Neuron 2 medical information collection devices running versions 9.0.3 or lower. A specific series of keyboard inputs can escape the restricted environment, resulting in full administrator access to the underlying operating system. An attacker can connect to the device via USB port with a keyboard or other HID device to trigger this vulnerability. The vulnerability stems from the failure of the network system or product to properly validate the input data

Trust: 1.71

sources: NVD: CVE-2019-5024 // JVNDB: JVNDB-2019-003406 // VULHUB: VHN-156459

AFFECTED PRODUCTS

vendor:	capsuletech	model:	smartlinx neuron 2	scope:	lte	version:	9.0.3	Trust: 1.0
vendor:	capsule	model:	smartlinx neuron 2	scope:	eq	version:	6.9.1	Trust: 0.8

sources: JVNDB: JVNDB-2019-003406 // NVD: CVE-2019-5024

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-5024
value:	HIGH
Trust: 1.0
talos-cna@cisco.com:	CVE-2019-5024
value:	HIGH
Trust: 1.0
NVD:	CVE-2019-5024
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201904-310
value:	HIGH
Trust: 0.6
VULHUB:	VHN-156459
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2019-5024
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-156459
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

talos-cna@cisco.com:	CVE-2019-5024
baseSeverity:	HIGH
baseScore:	7.6
vectorString:	CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
attackVector:	PHYSICAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.9
impactScore:	6.0
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2019-5024
baseSeverity:	HIGH
baseScore:	7.6
vectorString:	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
attackVector:	PHYSICAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.9
impactScore:	6.0
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-156459 // JVNDB: JVNDB-2019-003406 // CNNVD: CNNVD-201904-310 // NVD: CVE-2019-5024 // NVD: CVE-2019-5024

PROBLEMTYPE DATA

problemtype:	CWE-693	Trust: 1.0
problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-20	Trust: 0.9

sources: VULHUB: VHN-156459 // JVNDB: JVNDB-2019-003406 // NVD: CVE-2019-5024

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201904-310

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-003406

PATCH

title:	An Information System for Medical Device Data	url:	https://www.capsuletech.com/capsule	Trust: 0.8
title:	Capsule Technologies SmartLinx Neuron Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=91148	Trust: 0.6

sources: JVNDB: JVNDB-2019-003406 // CNNVD: CNNVD-201904-310

EXTERNAL IDS

db:	NVD	id:	CVE-2019-5024	Trust: 2.5
db:	TALOS	id:	TALOS-2019-0785	Trust: 2.5
db:	JVNDB	id:	JVNDB-2019-003406	Trust: 0.8
db:	CNNVD	id:	CNNVD-201904-310	Trust: 0.7
db:	AUSCERT	id:	ESB-2020.2400.2	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.2400	Trust: 0.6
db:	NSFOCUS	id:	47220	Trust: 0.6
db:	ICS CERT	id:	ICSMA-20-196-01	Trust: 0.6
db:	SEEBUG	id:	SSVID-98404	Trust: 0.1
db:	VULHUB	id:	VHN-156459	Trust: 0.1

sources: VULHUB: VHN-156459 // JVNDB: JVNDB-2019-003406 // CNNVD: CNNVD-201904-310 // NVD: CVE-2019-5024

REFERENCES

url:	https://talosintelligence.com/vulnerability_reports/talos-2019-0785	Trust: 2.5
url:	https://nvd.nist.gov/vuln/detail/cve-2019-5024	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5024	Trust: 0.8
url:	https://us-cert.cisa.gov/ics/advisories/icsma-20-196-01	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.2400.2/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.2400/	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/47220	Trust: 0.6
url:	https://www.talosintelligence.com/vulnerability_reports/talos-2019-0785	Trust: 0.6

sources: VULHUB: VHN-156459 // JVNDB: JVNDB-2019-003406 // CNNVD: CNNVD-201904-310 // NVD: CVE-2019-5024

CREDITS

Discovered by Patrick DeSantis of Cisco Talos.

Trust: 0.6

sources: CNNVD: CNNVD-201904-310

SOURCES

db:	VULHUB	id:	VHN-156459
db:	JVNDB	id:	JVNDB-2019-003406
db:	CNNVD	id:	CNNVD-201904-310
db:	NVD	id:	CVE-2019-5024

LAST UPDATE DATE

2024-11-23T22:12:07.522000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-156459	date:	2020-08-17T00:00:00
db:	JVNDB	id:	JVNDB-2019-003406	date:	2019-05-16T00:00:00
db:	CNNVD	id:	CNNVD-201904-310	date:	2022-04-20T00:00:00
db:	NVD	id:	CVE-2019-5024	date:	2024-11-21T04:44:12.523

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-156459	date:	2019-04-11T00:00:00
db:	JVNDB	id:	JVNDB-2019-003406	date:	2019-05-16T00:00:00
db:	CNNVD	id:	CNNVD-201904-310	date:	2019-04-08T00:00:00
db:	NVD	id:	CVE-2019-5024	date:	2019-04-11T18:29:00.270