Sign-up

ID

VAR-201806-0553


CVE

CVE-2018-10623


TITLE

Delta Industrial Automation DOPSoft DPA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

Trust: 1.4

sources: ZDI: ZDI-18-537 // ZDI: ZDI-18-535

DESCRIPTION

Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior performs read operations on a memory buffer where the position can be determined by a value read from a .dpa file. This may cause improper restriction of operations within the bounds of the memory buffer, allow remote code execution, alter the intended control flow, allow reading of sensitive information, or cause the application to crash. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of fields in DPA files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute code under the context of the current process. Delta Electronics Delta Industrial Automation DOPSoft is a set of human interface applications from Delta Electronics. A remote code-execution vulnerability 2. A stack-based buffer-overflow vulnerability 3. Failed attacks will cause denial of service conditions. DOPSoft 4.00.04 and prior are vulnerable

Trust: 3.87

sources: NVD: CVE-2018-10623 // JVNDB: JVNDB-2018-006534 // ZDI: ZDI-18-537 // ZDI: ZDI-18-535 // CNVD: CNVD-2018-12141 // BID: 104375 // IVD: e3007680-39ab-11e9-b812-000c29342cb1

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: e3007680-39ab-11e9-b812-000c29342cb1 // CNVD: CNVD-2018-12141

AFFECTED PRODUCTS

vendor:delta industrial automationmodel:dopsoftscope: - version: -

Trust: 1.4

vendor:deltawwmodel:delta industrial automation dopsoftscope:lteversion:4.00.04

Trust: 1.0

vendor:deltamodel:industrial automation dopsoftscope:lteversion:4.00.04

Trust: 0.8

vendor:deltamodel:electronics delta industrial automation dopsoftscope:lteversion:<=4.00.04

Trust: 0.6

vendor:deltawwmodel:delta industrial automation dopsoftscope:eqversion:4.00.04

Trust: 0.6

vendor:deltamodel:electronics inc dopsoftscope:eqversion:4.0.4

Trust: 0.3

vendor:deltamodel:electronics inc dopsoftscope:eqversion:4.0.1

Trust: 0.3

vendor:deltamodel:electronics inc dopsoftscope:eqversion:2.0.5

Trust: 0.3

vendor:deltamodel:electronics inc dopsoftscope:eqversion:2.00.04.09

Trust: 0.3

vendor:deltamodel:electronics inc dopsoftscope:neversion:4.00.04.22

Trust: 0.3

vendor:delta industrial automation dopsoftmodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: e3007680-39ab-11e9-b812-000c29342cb1 // ZDI: ZDI-18-537 // ZDI: ZDI-18-535 // CNVD: CNVD-2018-12141 // BID: 104375 // JVNDB: JVNDB-2018-006534 // CNNVD: CNNVD-201806-809 // NVD: CVE-2018-10623

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI: CVE-2018-10623
value: MEDIUM

Trust: 1.4

nvd@nist.gov: CVE-2018-10623
value: CRITICAL

Trust: 1.0

NVD: CVE-2018-10623
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2018-12141
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201806-809
value: CRITICAL

Trust: 0.6

IVD: e3007680-39ab-11e9-b812-000c29342cb1
value: CRITICAL

Trust: 0.2

nvd@nist.gov: CVE-2018-10623
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

ZDI: CVE-2018-10623
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.4

CNVD: CNVD-2018-12141
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:N/C:C/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 8.5
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: e3007680-39ab-11e9-b812-000c29342cb1
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:N/C:C/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 8.5
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

nvd@nist.gov: CVE-2018-10623
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: IVD: e3007680-39ab-11e9-b812-000c29342cb1 // ZDI: ZDI-18-537 // ZDI: ZDI-18-535 // CNVD: CNVD-2018-12141 // JVNDB: JVNDB-2018-006534 // CNNVD: CNNVD-201806-809 // NVD: CVE-2018-10623

PROBLEMTYPE DATA

problemtype:CWE-125

Trust: 1.8

sources: JVNDB: JVNDB-2018-006534 // NVD: CVE-2018-10623

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201806-809

TYPE

Buffer error

Trust: 0.8

sources: IVD: e3007680-39ab-11e9-b812-000c29342cb1 // CNNVD: CNNVD-201806-809

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-006534

PATCH
title:Delta Industrial Automation has issued an update to correct this vulnerability.url:https://ics-cert.us-cert.gov/advisories/ICSA-18-151-01
Trust: 1.4
title:Top Pageurl:http://www.deltaww.com/
Trust: 0.8
title:Delta Industrial Automation DOPSoft cross-border read vulnerability patchurl:https://www.cnvd.org.cn/patchInfo/show/132877
Trust: 0.6
title:Delta Industrial Automation DOPSoft Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=81327
Trust: 0.6
sources:
            
            
            ZDI: ZDI-18-537 // 
            
            
            
            ZDI: ZDI-18-535 // 
            
            
            
            CNVD: CNVD-2018-12141 // 
            
            
            
            JVNDB: JVNDB-2018-006534 // 
            
            
            
            CNNVD: CNNVD-201806-809

EXTERNAL IDS
db:NVDid:CVE-2018-10623
Trust: 4.9
db:ICS CERTid:ICSA-18-151-01
Trust: 3.3
db:BIDid:104375
Trust: 1.9
db:CNVDid:CNVD-2018-12141
Trust: 0.8
db:CNNVDid:CNNVD-201806-809
Trust: 0.8
db:JVNDBid:JVNDB-2018-006534
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-5975
Trust: 0.7
db:ZDIid:ZDI-18-537
Trust: 0.7
db:ZDI_CANid:ZDI-CAN-5973
Trust: 0.7
db:ZDIid:ZDI-18-535
Trust: 0.7
db:IVDid:E3007680-39AB-11E9-B812-000C29342CB1
Trust: 0.2
sources:
            
            
            IVD: e3007680-39ab-11e9-b812-000c29342cb1 // 
            
            
            
            ZDI: ZDI-18-537 // 
            
            
            
            ZDI: ZDI-18-535 // 
            
            
            
            CNVD: CNVD-2018-12141 // 
            
            
            
            BID: 104375 // 
            
            
            
            JVNDB: JVNDB-2018-006534 // 
            
            
            
            CNNVD: CNNVD-201806-809 // 
            
            
            
            NVD: CVE-2018-10623

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-18-151-01
Trust: 4.7
url:http://www.securityfocus.com/bid/104375
Trust: 1.6
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-10623
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-10623
Trust: 0.8
url:http://www.deltaww.com/
Trust: 0.3
sources:
            
            
            ZDI: ZDI-18-537 // 
            
            
            
            ZDI: ZDI-18-535 // 
            
            
            
            CNVD: CNVD-2018-12141 // 
            
            
            
            BID: 104375 // 
            
            
            
            JVNDB: JVNDB-2018-006534 // 
            
            
            
            CNNVD: CNNVD-201806-809 // 
            
            
            
            NVD: CVE-2018-10623

CREDITS
b0nd @garage4hackers
Trust: 1.4
sources:
            
            
            ZDI: ZDI-18-537 // 
            
            
            
            ZDI: ZDI-18-535

SOURCES
db:IVDid:e3007680-39ab-11e9-b812-000c29342cb1
db:ZDIid:ZDI-18-537
db:ZDIid:ZDI-18-535
db:CNVDid:CNVD-2018-12141
db:BIDid:104375
db:JVNDBid:JVNDB-2018-006534
db:CNNVDid:CNNVD-201806-809
db:NVDid:CVE-2018-10623

LAST UPDATE DATE
2024-11-23T22:41:49.953000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-18-537date:2018-06-05T00:00:00
db:ZDIid:ZDI-18-535date:2018-06-05T00:00:00
db:CNVDid:CNVD-2018-12141date:2018-11-05T00:00:00
db:BIDid:104375date:2018-05-31T00:00:00
db:JVNDBid:JVNDB-2018-006534date:2018-08-24T00:00:00
db:CNNVDid:CNNVD-201806-809date:2019-10-17T00:00:00
db:NVDid:CVE-2018-10623date:2024-11-21T03:41:41.207

SOURCES RELEASE DATE
db:IVDid:e3007680-39ab-11e9-b812-000c29342cb1date:2018-06-27T00:00:00
db:ZDIid:ZDI-18-537date:2018-06-05T00:00:00
db:ZDIid:ZDI-18-535date:2018-06-05T00:00:00
db:CNVDid:CNVD-2018-12141date:2018-06-27T00:00:00
db:BIDid:104375date:2018-05-31T00:00:00
db:JVNDBid:JVNDB-2018-006534date:2018-08-24T00:00:00
db:CNNVDid:CNNVD-201806-809date:2018-06-01T00:00:00
db:NVDid:CVE-2018-10623date:2018-06-18T19:29:00.293