Sign-up

ID

VAR-202007-0045


CVE

CVE-2020-10918


TITLE

C-MORE HMI EA9 Authentication vulnerabilities in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2020-008744

DESCRIPTION

This vulnerability allows remote attackers to bypass authentication on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authentication mechanism. The issue is due to insufficient authentication on post-authentication requests. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from unauthenticated users. Was ZDI-CAN-10182. Zero Day Initiative To this vulnerability ZDI-CAN-10182 Was numbered.Information may be obtained. C-More HMI EA9 is a human-machine interface touch panel

Trust: 2.88

sources: NVD: CVE-2020-10918 // JVNDB: JVNDB-2020-008744 // ZDI: ZDI-20-805 // CNVD: CNVD-2020-49045 // VULMON: CVE-2020-10918

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-49045

AFFECTED PRODUCTS

vendor:automationdirectmodel:c-more hmi ea9scope:eqversion:6.52

Trust: 1.8

vendor:c moremodel:hmi ea9scope: - version: -

Trust: 0.7

vendor:c moremodel:hmi ea9scope:eqversion:6.52

Trust: 0.6

sources: ZDI: ZDI-20-805 // CNVD: CNVD-2020-49045 // JVNDB: JVNDB-2020-008744 // NVD: CVE-2020-10918

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-10918
value: HIGH

Trust: 1.0

zdi-disclosures@trendmicro.com: CVE-2020-10918
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-008744
value: HIGH

Trust: 0.8

ZDI: CVE-2020-10918
value: HIGH

Trust: 0.7

CNVD: CNVD-2020-49045
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202007-336
value: HIGH

Trust: 0.6

VULMON: CVE-2020-10918
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-10918
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: JVNDB-2020-008744
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2020-49045
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2020-10918
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

zdi-disclosures@trendmicro.com: CVE-2020-10918
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.0

NVD: JVNDB-2020-008744
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2020-10918
baseSeverity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-20-805 // CNVD: CNVD-2020-49045 // VULMON: CVE-2020-10918 // JVNDB: JVNDB-2020-008744 // CNNVD: CNNVD-202007-336 // NVD: CVE-2020-10918 // NVD: CVE-2020-10918

PROBLEMTYPE DATA

problemtype:CWE-287

Trust: 1.8

sources: JVNDB: JVNDB-2020-008744 // NVD: CVE-2020-10918

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202007-336

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-202007-336

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-008744

PATCH
title:Top Pageurl:https://www.automationdirect.com/
Trust: 0.8
title:Patch for C-MORE HMI EA9 verification bypass vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/232066
Trust: 0.6
title:C-More HMI EA9 Remediation measures for authorization problem vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=124860
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-49045 // 
            
            
            
            JVNDB: JVNDB-2020-008744 // 
            
            
            
            CNNVD: CNNVD-202007-336

EXTERNAL IDS
db:NVDid:CVE-2020-10918
Trust: 3.8
db:ZDIid:ZDI-20-805
Trust: 3.8
db:JVNDBid:JVNDB-2020-008744
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-10182
Trust: 0.7
db:CNVDid:CNVD-2020-49045
Trust: 0.6
db:CNNVDid:CNNVD-202007-336
Trust: 0.6
db:VULMONid:CVE-2020-10918
Trust: 0.1
sources:
            
            
            ZDI: ZDI-20-805 // 
            
            
            
            CNVD: CNVD-2020-49045 // 
            
            
            
            VULMON: CVE-2020-10918 // 
            
            
            
            JVNDB: JVNDB-2020-008744 // 
            
            
            
            CNNVD: CNNVD-202007-336 // 
            
            
            
            NVD: CVE-2020-10918

REFERENCES
url:https://www.zerodayinitiative.com/advisories/zdi-20-805/
Trust: 3.1
url:https://nvd.nist.gov/vuln/detail/cve-2020-10918
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10918
Trust: 0.8
url:https://cwe.mitre.org/data/definitions/287.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2020-49045 // 
            
            
            
            VULMON: CVE-2020-10918 // 
            
            
            
            JVNDB: JVNDB-2020-008744 // 
            
            
            
            CNNVD: CNNVD-202007-336 // 
            
            
            
            NVD: CVE-2020-10918

CREDITS
Ta-Lun Yen & Chizuru Toyama of TXOne IoT/ICS Security Research Labs (Trend Micro)
Trust: 0.7
sources:
            
            
            ZDI: ZDI-20-805

SOURCES
db:ZDIid:ZDI-20-805
db:CNVDid:CNVD-2020-49045
db:VULMONid:CVE-2020-10918
db:JVNDBid:JVNDB-2020-008744
db:CNNVDid:CNNVD-202007-336
db:NVDid:CVE-2020-10918

LAST UPDATE DATE
2024-11-23T23:01:21.171000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-20-805date:2020-11-24T00:00:00
db:CNVDid:CNVD-2020-49045date:2020-08-28T00:00:00
db:VULMONid:CVE-2020-10918date:2020-07-28T00:00:00
db:JVNDBid:JVNDB-2020-008744date:2020-09-24T00:00:00
db:CNNVDid:CNNVD-202007-336date:2020-07-29T00:00:00
db:NVDid:CVE-2020-10918date:2024-11-21T04:56:22.060

SOURCES RELEASE DATE
db:ZDIid:ZDI-20-805date:2020-07-07T00:00:00
db:CNVDid:CNVD-2020-49045date:2020-08-28T00:00:00
db:VULMONid:CVE-2020-10918date:2020-07-23T00:00:00
db:JVNDBid:JVNDB-2020-008744date:2020-09-24T00:00:00
db:CNNVDid:CNNVD-202007-336date:2020-07-07T00:00:00
db:NVDid:CVE-2020-10918date:2020-07-23T16:15:12.083