Sign-up

ID

VAR-201909-1547


TITLE

Kunlun's MCGS touch screen TPC1062Ti system has a denial of service vulnerability

Trust: 0.6

sources: CNVD: CNVD-2019-33140

DESCRIPTION

MCGS is a Windows-based configuration software system developed by Beijing Kunlun Tongstate Automation Software Technology Co., Ltd., which is used to quickly construct and generate a host computer monitoring system. It mainly completes field data collection and monitoring, front-end data processing and control. Kunlun's MCGS touch screen TPC1062Ti system has a denial of service vulnerability. Attackers can use the vulnerability to send special messages, which can cause the MCGS touch screen system to run out of memory and cause applications to become unresponsive, resulting in a denial of service

Trust: 0.72

sources: CNVD: CNVD-2019-33140 // IVD: b3a1999e-1c8c-48d3-af35-9ab8b102026f

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: b3a1999e-1c8c-48d3-af35-9ab8b102026f // CNVD: CNVD-2019-33140

AFFECTED PRODUCTS

vendor:kunlun tongstate automationmodel:mcgs touch screen tpc1062ti systemscope: - version: -

Trust: 0.6

vendor:kunlun tongstate automationmodel:state mcgs touch screen tpc1062ti systemscope:eqversion:*

Trust: 0.2

sources: IVD: b3a1999e-1c8c-48d3-af35-9ab8b102026f // CNVD: CNVD-2019-33140

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2019-33140
value: MEDIUM

Trust: 0.6

IVD: b3a1999e-1c8c-48d3-af35-9ab8b102026f
value: MEDIUM

Trust: 0.2

CNVD: CNVD-2019-33140
severity: MEDIUM
baseScore: 4.9
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: b3a1999e-1c8c-48d3-af35-9ab8b102026f
severity: MEDIUM
baseScore: 4.9
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

sources: IVD: b3a1999e-1c8c-48d3-af35-9ab8b102026f // CNVD: CNVD-2019-33140

TYPE

Denial of service

Trust: 0.2

sources: IVD: b3a1999e-1c8c-48d3-af35-9ab8b102026f

PATCH

title:Kunlun's MCGS touch screen TPC1062Ti system has a denial of service vulnerabilityurl:https://www.cnvd.org.cn/patchinfo/show/180465

Trust: 0.6

sources: CNVD: CNVD-2019-33140

EXTERNAL IDS

db:CNVDid:CNVD-2019-33140

Trust: 0.8

db:IVDid:B3A1999E-1C8C-48D3-AF35-9AB8B102026F

Trust: 0.2

sources: IVD: b3a1999e-1c8c-48d3-af35-9ab8b102026f // CNVD: CNVD-2019-33140

SOURCES

db:IVDid:b3a1999e-1c8c-48d3-af35-9ab8b102026f
db:CNVDid:CNVD-2019-33140

LAST UPDATE DATE

2022-05-17T01:46:21.330000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2019-33140date:2019-09-26T00:00:00

SOURCES RELEASE DATE

db:IVDid:b3a1999e-1c8c-48d3-af35-9ab8b102026fdate:2019-09-26T00:00:00
db:CNVDid:CNVD-2019-33140date:2019-10-21T00:00:00