ID

VAR-201803-1810


CVE

CVE-2018-5476


TITLE

Delta Electronics Delta Industrial Automation DOPSoft Heap Buffer Overflow Vulnerability

Trust: 0.8

sources: IVD: e2ff6511-39ab-11e9-8816-000c29342cb1 // CNVD: CNVD-2018-04098

DESCRIPTION

A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial Automation DOPSoft, Version 4.00.01 or prior. Stack-based buffer overflow vulnerabilities caused by processing specially crafted .dop or .dpb files may allow an attacker to remotely execute arbitrary code. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the processing of the BackgroundMacro structure in a DPA file. An attacker can leverage this vulnerability to execute code under the context of the current process. Failed exploit attempts will likely cause a denial-of-service condition. Versions prior to DOPSoft 4.00.04 are vulnerable

Trust: 11.34

sources: NVD: CVE-2018-5476 // ZDI: ZDI-18-234 // ZDI: ZDI-18-224 // ZDI: ZDI-18-223 // ZDI: ZDI-18-232 // ZDI: ZDI-18-225 // ZDI: ZDI-18-230 // ZDI: ZDI-18-226 // ZDI: ZDI-18-231 // ZDI: ZDI-18-220 // ZDI: ZDI-18-235 // ZDI: ZDI-18-227 // ZDI: ZDI-18-233 // ZDI: ZDI-18-222 // ZDI: ZDI-18-228 // ZDI: ZDI-18-229 // CNVD: CNVD-2018-04098 // BID: 103195 // IVD: e2ff6511-39ab-11e9-8816-000c29342cb1

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: e2ff6511-39ab-11e9-8816-000c29342cb1 // CNVD: CNVD-2018-04098

AFFECTED PRODUCTS

vendor:delta industrial automationmodel:dopsoftscope: - version: -

Trust: 10.5

vendor:deltawwmodel:delta industrial automation dopsoftscope:lteversion:4.00.01

Trust: 1.0

vendor:deltamodel:electronics delta industrial automation dopsoftscope:lteversion:<=4.00.01

Trust: 0.6

vendor:deltawwmodel:delta industrial automation dopsoftscope:eqversion:4.00.01

Trust: 0.6

vendor:deltamodel:electronics inc dopsoftscope:eqversion:4.0.1

Trust: 0.3

vendor:deltamodel:electronics inc dopsoftscope:eqversion:2.0.5

Trust: 0.3

vendor:deltamodel:electronics inc dopsoftscope:eqversion:2.00.04.09

Trust: 0.3

vendor:deltamodel:electronics inc dopsoftscope:neversion:4.0.4

Trust: 0.3

vendor:delta industrial automation dopsoftmodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: e2ff6511-39ab-11e9-8816-000c29342cb1 // ZDI: ZDI-18-234 // ZDI: ZDI-18-229 // ZDI: ZDI-18-228 // ZDI: ZDI-18-222 // ZDI: ZDI-18-233 // ZDI: ZDI-18-227 // ZDI: ZDI-18-235 // ZDI: ZDI-18-220 // ZDI: ZDI-18-231 // ZDI: ZDI-18-226 // ZDI: ZDI-18-230 // ZDI: ZDI-18-225 // ZDI: ZDI-18-232 // ZDI: ZDI-18-223 // ZDI: ZDI-18-224 // CNVD: CNVD-2018-04098 // BID: 103195 // CNNVD: CNNVD-201803-561 // NVD: CVE-2018-5476

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI: CVE-2018-5476
value: MEDIUM

Trust: 10.5

nvd@nist.gov: CVE-2018-5476
value: HIGH

Trust: 1.0

CNVD: CNVD-2018-04098
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201803-561
value: HIGH

Trust: 0.6

IVD: e2ff6511-39ab-11e9-8816-000c29342cb1
value: HIGH

Trust: 0.2

nvd@nist.gov: CVE-2018-5476
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 11.5

CNVD: CNVD-2018-04098
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: e2ff6511-39ab-11e9-8816-000c29342cb1
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

nvd@nist.gov: CVE-2018-5476
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: IVD: e2ff6511-39ab-11e9-8816-000c29342cb1 // ZDI: ZDI-18-234 // ZDI: ZDI-18-229 // ZDI: ZDI-18-228 // ZDI: ZDI-18-222 // ZDI: ZDI-18-233 // ZDI: ZDI-18-227 // ZDI: ZDI-18-235 // ZDI: ZDI-18-220 // ZDI: ZDI-18-231 // ZDI: ZDI-18-226 // ZDI: ZDI-18-230 // ZDI: ZDI-18-225 // ZDI: ZDI-18-232 // ZDI: ZDI-18-223 // ZDI: ZDI-18-224 // CNVD: CNVD-2018-04098 // CNNVD: CNNVD-201803-561 // NVD: CVE-2018-5476

PROBLEMTYPE DATA

problemtype:CWE-121

Trust: 1.0

problemtype:CWE-787

Trust: 1.0

sources: NVD: CVE-2018-5476

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201803-561

TYPE

Buffer error

Trust: 0.8

sources: IVD: e2ff6511-39ab-11e9-8816-000c29342cb1 // CNNVD: CNNVD-201803-561

PATCH

title:Delta Industrial Automation has issued an update to correct this vulnerability.url:https://ics-cert.us-cert.gov/advisories/ICSA-18-060-03

Trust: 10.5

title:Delta Electronics Delta Industrial Automation patch for DOPSoft heap buffer overflow vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/120063

Trust: 0.6

title:Delta Electronics Delta Industrial Automation DOPSoft Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79197

Trust: 0.6

sources: ZDI: ZDI-18-234 // ZDI: ZDI-18-229 // ZDI: ZDI-18-228 // ZDI: ZDI-18-222 // ZDI: ZDI-18-233 // ZDI: ZDI-18-227 // ZDI: ZDI-18-235 // ZDI: ZDI-18-220 // ZDI: ZDI-18-231 // ZDI: ZDI-18-226 // ZDI: ZDI-18-230 // ZDI: ZDI-18-225 // ZDI: ZDI-18-232 // ZDI: ZDI-18-223 // ZDI: ZDI-18-224 // CNVD: CNVD-2018-04098 // CNNVD: CNNVD-201803-561

EXTERNAL IDS

db:NVDid:CVE-2018-5476

Trust: 13.2

db:ICS CERTid:ICSA-18-060-03

Trust: 2.5

db:BIDid:103195

Trust: 1.9

db:CNVDid:CNVD-2018-04098

Trust: 0.8

db:CNNVDid:CNNVD-201803-561

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-5286

Trust: 0.7

db:ZDIid:ZDI-18-234

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5275

Trust: 0.7

db:ZDIid:ZDI-18-229

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5274

Trust: 0.7

db:ZDIid:ZDI-18-228

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5267

Trust: 0.7

db:ZDIid:ZDI-18-222

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5285

Trust: 0.7

db:ZDIid:ZDI-18-233

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5272

Trust: 0.7

db:ZDIid:ZDI-18-227

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5287

Trust: 0.7

db:ZDIid:ZDI-18-235

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5265

Trust: 0.7

db:ZDIid:ZDI-18-220

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5283

Trust: 0.7

db:ZDIid:ZDI-18-231

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5271

Trust: 0.7

db:ZDIid:ZDI-18-226

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5276

Trust: 0.7

db:ZDIid:ZDI-18-230

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5270

Trust: 0.7

db:ZDIid:ZDI-18-225

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5284

Trust: 0.7

db:ZDIid:ZDI-18-232

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5268

Trust: 0.7

db:ZDIid:ZDI-18-223

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-5269

Trust: 0.7

db:ZDIid:ZDI-18-224

Trust: 0.7

db:IVDid:E2FF6511-39AB-11E9-8816-000C29342CB1

Trust: 0.2

sources: IVD: e2ff6511-39ab-11e9-8816-000c29342cb1 // ZDI: ZDI-18-234 // ZDI: ZDI-18-229 // ZDI: ZDI-18-228 // ZDI: ZDI-18-222 // ZDI: ZDI-18-233 // ZDI: ZDI-18-227 // ZDI: ZDI-18-235 // ZDI: ZDI-18-220 // ZDI: ZDI-18-231 // ZDI: ZDI-18-226 // ZDI: ZDI-18-230 // ZDI: ZDI-18-225 // ZDI: ZDI-18-232 // ZDI: ZDI-18-223 // ZDI: ZDI-18-224 // CNVD: CNVD-2018-04098 // BID: 103195 // CNNVD: CNNVD-201803-561 // NVD: CVE-2018-5476

REFERENCES

url:https://ics-cert.us-cert.gov/advisories/icsa-18-060-03

Trust: 13.0

url:http://www.securityfocus.com/bid/103195

Trust: 1.6

url:http://www.deltaww.com/

Trust: 0.3

sources: ZDI: ZDI-18-234 // ZDI: ZDI-18-229 // ZDI: ZDI-18-228 // ZDI: ZDI-18-222 // ZDI: ZDI-18-233 // ZDI: ZDI-18-227 // ZDI: ZDI-18-235 // ZDI: ZDI-18-220 // ZDI: ZDI-18-231 // ZDI: ZDI-18-226 // ZDI: ZDI-18-230 // ZDI: ZDI-18-225 // ZDI: ZDI-18-232 // ZDI: ZDI-18-223 // ZDI: ZDI-18-224 // CNVD: CNVD-2018-04098 // BID: 103195 // CNNVD: CNNVD-201803-561 // NVD: CVE-2018-5476

CREDITS

Ghirmay Desta

Trust: 10.5

sources: ZDI: ZDI-18-234 // ZDI: ZDI-18-229 // ZDI: ZDI-18-228 // ZDI: ZDI-18-222 // ZDI: ZDI-18-233 // ZDI: ZDI-18-227 // ZDI: ZDI-18-235 // ZDI: ZDI-18-220 // ZDI: ZDI-18-231 // ZDI: ZDI-18-226 // ZDI: ZDI-18-230 // ZDI: ZDI-18-225 // ZDI: ZDI-18-232 // ZDI: ZDI-18-223 // ZDI: ZDI-18-224

SOURCES

db:IVDid:e2ff6511-39ab-11e9-8816-000c29342cb1
db:ZDIid:ZDI-18-234
db:ZDIid:ZDI-18-229
db:ZDIid:ZDI-18-228
db:ZDIid:ZDI-18-222
db:ZDIid:ZDI-18-233
db:ZDIid:ZDI-18-227
db:ZDIid:ZDI-18-235
db:ZDIid:ZDI-18-220
db:ZDIid:ZDI-18-231
db:ZDIid:ZDI-18-226
db:ZDIid:ZDI-18-230
db:ZDIid:ZDI-18-225
db:ZDIid:ZDI-18-232
db:ZDIid:ZDI-18-223
db:ZDIid:ZDI-18-224
db:CNVDid:CNVD-2018-04098
db:BIDid:103195
db:CNNVDid:CNNVD-201803-561
db:NVDid:CVE-2018-5476

LAST UPDATE DATE

2024-12-10T23:05:27.438000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-18-234date:2018-03-02T00:00:00
db:ZDIid:ZDI-18-229date:2018-03-02T00:00:00
db:ZDIid:ZDI-18-228date:2018-03-02T00:00:00
db:ZDIid:ZDI-18-222date:2018-03-02T00:00:00
db:ZDIid:ZDI-18-233date:2018-03-02T00:00:00
db:ZDIid:ZDI-18-227date:2018-03-02T00:00:00
db:ZDIid:ZDI-18-235date:2018-03-02T00:00:00
db:ZDIid:ZDI-18-220date:2018-03-02T00:00:00
db:ZDIid:ZDI-18-231date:2018-03-02T00:00:00
db:ZDIid:ZDI-18-226date:2018-03-02T00:00:00
db:ZDIid:ZDI-18-230date:2018-03-02T00:00:00
db:ZDIid:ZDI-18-225date:2018-03-02T00:00:00
db:ZDIid:ZDI-18-232date:2018-03-02T00:00:00
db:ZDIid:ZDI-18-223date:2018-03-02T00:00:00
db:ZDIid:ZDI-18-224date:2018-03-02T00:00:00
db:CNVDid:CNVD-2018-04098date:2018-11-05T00:00:00
db:BIDid:103195date:2018-03-01T00:00:00
db:CNNVDid:CNNVD-201803-561date:2020-09-21T00:00:00
db:NVDid:CVE-2018-5476date:2024-11-21T04:08:52.697

SOURCES RELEASE DATE

db:IVDid:e2ff6511-39ab-11e9-8816-000c29342cb1date:2018-03-02T00:00:00
db:ZDIid:ZDI-18-234date:2018-03-02T00:00:00
db:ZDIid:ZDI-18-229date:2018-03-02T00:00:00
db:ZDIid:ZDI-18-228date:2018-03-02T00:00:00
db:ZDIid:ZDI-18-222date:2018-03-02T00:00:00
db:ZDIid:ZDI-18-233date:2018-03-02T00:00:00
db:ZDIid:ZDI-18-227date:2018-03-02T00:00:00
db:ZDIid:ZDI-18-235date:2018-03-02T00:00:00
db:ZDIid:ZDI-18-220date:2018-03-02T00:00:00
db:ZDIid:ZDI-18-231date:2018-03-02T00:00:00
db:ZDIid:ZDI-18-226date:2018-03-02T00:00:00
db:ZDIid:ZDI-18-230date:2018-03-02T00:00:00
db:ZDIid:ZDI-18-225date:2018-03-02T00:00:00
db:ZDIid:ZDI-18-232date:2018-03-02T00:00:00
db:ZDIid:ZDI-18-223date:2018-03-02T00:00:00
db:ZDIid:ZDI-18-224date:2018-03-02T00:00:00
db:CNVDid:CNVD-2018-04098date:2018-03-02T00:00:00
db:BIDid:103195date:2018-03-01T00:00:00
db:CNNVDid:CNNVD-201803-561date:2018-03-19T00:00:00
db:NVDid:CVE-2018-5476date:2018-03-15T23:29:00.470