Sign-up

ID

VAR-201802-1044


CVE

CVE-2018-5440


TITLE

3S CODESYS WebVisu Web Server Component Stack Buffer Overflow Vulnerability

Trust: 0.8

sources: IVD: e2e35192-39ab-11e9-b38e-000c29342cb1 // CNVD: CNVD-2018-02846

DESCRIPTION

A Stack-based Buffer Overflow issue was discovered in 3S-Smart CODESYS Web Server. Specifically: all Microsoft Windows (also WinCE) based CODESYS web servers running stand-alone Version 2.3, or as part of the CODESYS runtime system running prior to Version V1.1.9.19. A crafted request may cause a buffer overflow and could therefore execute arbitrary code on the web server or lead to a denial-of-service condition due to a crash in the web server. 3S-Smart CODESYS Web Server Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. CODESYS is the core product of 3S-Smart Software Solutions GmbH. It is an IEC 61131-3 development environment for controller applications and CODESYS Control. It is a platform with a stand-alone system. Exploiting this issue may allow remote attackers to execute arbitrary code within the context of the affected application. Failed attacks will cause denial-of-service conditions. 3S-Smart CODESYS is a set of PLC (programmable logic controller) software programming tools. CODESYS Web Server is one of the web servers. CODESYS runtime system is a system for programming automation equipment

Trust: 2.7

sources: NVD: CVE-2018-5440 // JVNDB: JVNDB-2018-002168 // CNVD: CNVD-2018-02846 // BID: 102909 // IVD: e2e35192-39ab-11e9-b38e-000c29342cb1 // VULHUB: VHN-135471

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: e2e35192-39ab-11e9-b38e-000c29342cb1 // CNVD: CNVD-2018-02846

AFFECTED PRODUCTS

vendor:3smodel:codesys web serverscope:eqversion:2.3

Trust: 1.6

vendor:3smodel:codesys runtime systemscope:ltversion:1.1.9.19

Trust: 1.0

vendor:3s smartmodel:codesys control runtime systemscope: - version: -

Trust: 0.8

vendor:3s smartmodel:codesys webserverscope: - version: -

Trust: 0.8

vendor:3s smartmodel:software solutions codesys web serverscope:ltversion:1.1.9.19

Trust: 0.6

vendor:3smodel:codesys runtime systemscope:eqversion: -

Trust: 0.6

vendor:3s smartmodel:codesys web serverscope:eqversion:2.3

Trust: 0.3

vendor:codesys runtime systemmodel: - scope:eqversion:*

Trust: 0.2

vendor:codesys web servermodel: - scope:eqversion:2.3

Trust: 0.2

sources: IVD: e2e35192-39ab-11e9-b38e-000c29342cb1 // CNVD: CNVD-2018-02846 // BID: 102909 // JVNDB: JVNDB-2018-002168 // CNNVD: CNNVD-201802-355 // NVD: CVE-2018-5440

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-5440
value: CRITICAL

Trust: 1.0

NVD: CVE-2018-5440
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2018-02846
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201802-355
value: CRITICAL

Trust: 0.6

IVD: e2e35192-39ab-11e9-b38e-000c29342cb1
value: CRITICAL

Trust: 0.2

VULHUB: VHN-135471
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-5440
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2018-02846
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: e2e35192-39ab-11e9-b38e-000c29342cb1
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-135471
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-5440
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2018-5440
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: IVD: e2e35192-39ab-11e9-b38e-000c29342cb1 // CNVD: CNVD-2018-02846 // VULHUB: VHN-135471 // JVNDB: JVNDB-2018-002168 // CNNVD: CNNVD-201802-355 // NVD: CVE-2018-5440

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.1

problemtype:CWE-121

Trust: 1.0

problemtype:CWE-119

Trust: 0.9

sources: VULHUB: VHN-135471 // JVNDB: JVNDB-2018-002168 // NVD: CVE-2018-5440

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201802-355

TYPE

Buffer error

Trust: 0.8

sources: IVD: e2e35192-39ab-11e9-b38e-000c29342cb1 // CNNVD: CNNVD-201802-355

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-002168

PATCH
title:Top Pageurl:https://www.codesys.com/
Trust: 0.8
title:3S CODESYS WebVisu Web Server Component Stack Buffer Overflow Vulnerability Patchurl:https://www.cnvd.org.cn/patchInfo/show/115819
Trust: 0.6
title:3S-Smart Software Solutions CODESYS Web Server Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=78448
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2018-02846 // 
            
            
            
            JVNDB: JVNDB-2018-002168 // 
            
            
            
            CNNVD: CNNVD-201802-355

EXTERNAL IDS
db:NVDid:CVE-2018-5440
Trust: 3.6
db:ICS CERTid:ICSA-18-032-02
Trust: 3.4
db:BIDid:102909
Trust: 2.0
db:CNNVDid:CNNVD-201802-355
Trust: 0.9
db:CNVDid:CNVD-2018-02846
Trust: 0.8
db:JVNDBid:JVNDB-2018-002168
Trust: 0.8
db:IVDid:E2E35192-39AB-11E9-B38E-000C29342CB1
Trust: 0.2
db:SEEBUGid:SSVID-99016
Trust: 0.1
db:VULHUBid:VHN-135471
Trust: 0.1
sources:
            
            
            IVD: e2e35192-39ab-11e9-b38e-000c29342cb1 // 
            
            
            
            CNVD: CNVD-2018-02846 // 
            
            
            
            VULHUB: VHN-135471 // 
            
            
            
            BID: 102909 // 
            
            
            
            JVNDB: JVNDB-2018-002168 // 
            
            
            
            CNNVD: CNNVD-201802-355 // 
            
            
            
            NVD: CVE-2018-5440

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-18-032-02
Trust: 3.4
url:http://www.securityfocus.com/bid/102909
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5440
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-5440
Trust: 0.8
url:https://www.codesys.com/
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2018-02846 // 
            
            
            
            VULHUB: VHN-135471 // 
            
            
            
            BID: 102909 // 
            
            
            
            JVNDB: JVNDB-2018-002168 // 
            
            
            
            CNNVD: CNNVD-201802-355 // 
            
            
            
            NVD: CVE-2018-5440

CREDITS
Zhu WenZhe of Istury IOT security lab.
Trust: 0.9
sources:
            
            
            BID: 102909 // 
            
            
            
            CNNVD: CNNVD-201802-355

SOURCES
db:IVDid:e2e35192-39ab-11e9-b38e-000c29342cb1
db:CNVDid:CNVD-2018-02846
db:VULHUBid:VHN-135471
db:BIDid:102909
db:JVNDBid:JVNDB-2018-002168
db:CNNVDid:CNNVD-201802-355
db:NVDid:CVE-2018-5440

LAST UPDATE DATE
2024-11-23T22:41:58.304000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2018-02846date:2018-02-06T00:00:00
db:VULHUBid:VHN-135471date:2020-09-18T00:00:00
db:BIDid:102909date:2018-02-01T00:00:00
db:JVNDBid:JVNDB-2018-002168date:2018-03-29T00:00:00
db:CNNVDid:CNNVD-201802-355date:2020-09-21T00:00:00
db:NVDid:CVE-2018-5440date:2024-11-21T04:08:48.530

SOURCES RELEASE DATE
db:IVDid:e2e35192-39ab-11e9-b38e-000c29342cb1date:2018-02-06T00:00:00
db:CNVDid:CNVD-2018-02846date:2018-02-06T00:00:00
db:VULHUBid:VHN-135471date:2018-02-15T00:00:00
db:BIDid:102909date:2018-02-01T00:00:00
db:JVNDBid:JVNDB-2018-002168date:2018-03-29T00:00:00
db:CNNVDid:CNNVD-201802-355date:2018-02-12T00:00:00
db:NVDid:CVE-2018-5440date:2018-02-15T10:29:00.680