Details of VAR-201905-0845

ID

VAR-201905-0845

CVE

CVE-2018-4025

TITLE

Anker Roav A1 Dashcam Resource management vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-015445

DESCRIPTION

An exploitable denial-of-service vulnerability exists in the XML_GetRawEncJpg Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause an invalid memory dereference, resulting in a device reboot. Anker Roav A1 Dashcam Contains a resource management vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Novatek NT9665X Chipset is a chip for camera equipment. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc

Trust: 1.71

sources: NVD: CVE-2018-4025 // JVNDB: JVNDB-2018-015445 // VULHUB: VHN-134056

IOT TAXONOMY

category:

['camera device']

sub_category:

dashcam

Trust: 0.1

sources: OTHER: None

AFFECTED PRODUCTS

vendor:	anker in	model:	roav dashcam a1	scope:	eq	version:	1.9	Trust: 1.0
vendor:	anker innovations	model:	roav dashcam a1	scope:	eq	version:	roava1swv1.9	Trust: 0.8

sources: JVNDB: JVNDB-2018-015445 // NVD: CVE-2018-4025

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-4025
value:	HIGH
Trust: 1.0
talos-cna@cisco.com:	CVE-2018-4025
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-4025
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201905-326
value:	HIGH
Trust: 0.6
VULHUB:	VHN-134056
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-4025
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-134056
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

talos-cna@cisco.com:	CVE-2018-4025
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2018-4025
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-134056 // JVNDB: JVNDB-2018-015445 // CNNVD: CNNVD-201905-326 // NVD: CVE-2018-4025 // NVD: CVE-2018-4025

PROBLEMTYPE DATA

problemtype:	CWE-119	Trust: 1.1
problemtype:	CWE-399	Trust: 0.9

sources: VULHUB: VHN-134056 // JVNDB: JVNDB-2018-015445 // NVD: CVE-2018-4025

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-326

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201905-326

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-015445

PATCH

title:	Roav DashCam A1	url:	https://goroav.com/products/roav-dash-cam-a1	Trust: 0.8
title:	NT9665X Chipset Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92491	Trust: 0.6

sources: JVNDB: JVNDB-2018-015445 // CNNVD: CNNVD-201905-326

EXTERNAL IDS

db:	NVD	id:	CVE-2018-4025	Trust: 2.6
db:	TALOS	id:	TALOS-2018-0697	Trust: 2.5
db:	JVNDB	id:	JVNDB-2018-015445	Trust: 0.8
db:	CNNVD	id:	CNNVD-201905-326	Trust: 0.7
db:	OTHER	id:	NONE	Trust: 0.1
db:	VULHUB	id:	VHN-134056	Trust: 0.1

sources: OTHER: None // VULHUB: VHN-134056 // JVNDB: JVNDB-2018-015445 // CNNVD: CNNVD-201905-326 // NVD: CVE-2018-4025

REFERENCES

url:	https://talosintelligence.com/vulnerability_reports/talos-2018-0697	Trust: 2.5
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4025	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4025	Trust: 0.8
url:	https://ieeexplore.ieee.org/abstract/document/10769424	Trust: 0.1

sources: OTHER: None // VULHUB: VHN-134056 // JVNDB: JVNDB-2018-015445 // CNNVD: CNNVD-201905-326 // NVD: CVE-2018-4025

CREDITS

Discovered by Lilith [<_<] of Cisco Talos.,Lilith [<_<] of Cisco Talos.

Trust: 0.6

sources: CNNVD: CNNVD-201905-326

SOURCES

db:	OTHER	id:	-
db:	VULHUB	id:	VHN-134056
db:	JVNDB	id:	JVNDB-2018-015445
db:	CNNVD	id:	CNNVD-201905-326
db:	NVD	id:	CVE-2018-4025

LAST UPDATE DATE

2025-01-30T20:47:21.575000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-134056	date:	2019-10-03T00:00:00
db:	JVNDB	id:	JVNDB-2018-015445	date:	2019-06-05T00:00:00
db:	CNNVD	id:	CNNVD-201905-326	date:	2019-10-15T00:00:00
db:	NVD	id:	CVE-2018-4025	date:	2024-11-21T04:06:32.643

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-134056	date:	2019-05-13T00:00:00
db:	JVNDB	id:	JVNDB-2018-015445	date:	2019-06-05T00:00:00
db:	CNNVD	id:	CNNVD-201905-326	date:	2019-05-13T00:00:00
db:	NVD	id:	CVE-2018-4025	date:	2019-05-13T16:29:00.837