Sign-up

ID

VAR-201809-0151


CVE

CVE-2018-14811


TITLE

Fuji Electric V-Server VPR File Parsing CArchive Read Untrusted Pointer Dereference Remote Code Execution Vulnerability

Trust: 2.1

sources: ZDI: ZDI-18-1011 // ZDI: ZDI-18-1020 // ZDI: ZDI-18-1021

DESCRIPTION

Fuji Electric V-Server 4.0.3.0 and prior, Multiple untrusted pointer dereference vulnerabilities have been identified, which may allow remote code execution. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of a VPR file. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code under the context of the process. Fuji Electric V-Server VPR is a data collection software from Fuji Electric of Japan. Fuji Electric V-Server is prone to multiple security vulnerabilities: 1. A use-after-free vulnerability 2. A heap-based buffer overflow vulnerability 4. Multiple out-of-bounds write vulnerabilities 5. An integer underflow vulnerability 6. An out-of-bounds read vulnerability 7. V-Server 4.0.3.0 and prior are vulnerable

Trust: 5.85

sources: NVD: CVE-2018-14811 // JVNDB: JVNDB-2018-010414 // ZDI: ZDI-18-1014 // ZDI: ZDI-18-1011 // ZDI: ZDI-18-1020 // ZDI: ZDI-18-1022 // ZDI: ZDI-18-1021 // CNVD: CNVD-2019-03306 // BID: 105341 // IVD: 7d85de80-463f-11e9-8522-000c29342cb1 // VULHUB: VHN-125008

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 7d85de80-463f-11e9-8522-000c29342cb1 // CNVD: CNVD-2019-03306

AFFECTED PRODUCTS

vendor:fuji electricmodel:v-serverscope: - version: -

Trust: 3.5

vendor:fujielectricmodel:v-serverscope:lteversion:4.0.3.0

Trust: 1.0

vendor:fuji electricmodel:v-serverscope:lteversion:4.0.3.0

Trust: 0.8

vendor:fujimodel:electric v-server vprscope:lteversion:<=4.0.3.0

Trust: 0.6

vendor:fujielectricmodel:v-serverscope:eqversion:4.0.3.0

Trust: 0.6

vendor:fujimodel:electric v-serverscope:eqversion:4.0.3.0

Trust: 0.3

vendor:fujimodel:electric v-serverscope:eqversion:4.0.1.0

Trust: 0.3

vendor:fujimodel:electric v-serverscope:eqversion:4.0.0.0

Trust: 0.3

vendor:fujimodel:electric v-serverscope:eqversion:3.3.22.0

Trust: 0.3

vendor:fujimodel:electric v-serverscope:neversion:4.0.4.0

Trust: 0.3

vendor:v servermodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: 7d85de80-463f-11e9-8522-000c29342cb1 // ZDI: ZDI-18-1014 // ZDI: ZDI-18-1011 // ZDI: ZDI-18-1020 // ZDI: ZDI-18-1022 // ZDI: ZDI-18-1021 // CNVD: CNVD-2019-03306 // BID: 105341 // JVNDB: JVNDB-2018-010414 // CNNVD: CNNVD-201809-577 // NVD: CVE-2018-14811

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI: CVE-2018-14811
value: MEDIUM

Trust: 3.5

nvd@nist.gov: CVE-2018-14811
value: CRITICAL

Trust: 1.0

NVD: CVE-2018-14811
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2019-03306
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201809-577
value: CRITICAL

Trust: 0.6

IVD: 7d85de80-463f-11e9-8522-000c29342cb1
value: CRITICAL

Trust: 0.2

VULHUB: VHN-125008
value: HIGH

Trust: 0.1

ZDI: CVE-2018-14811
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 3.5

nvd@nist.gov: CVE-2018-14811
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2019-03306
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 7d85de80-463f-11e9-8522-000c29342cb1
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-125008
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-14811
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: IVD: 7d85de80-463f-11e9-8522-000c29342cb1 // ZDI: ZDI-18-1014 // ZDI: ZDI-18-1011 // ZDI: ZDI-18-1020 // ZDI: ZDI-18-1022 // ZDI: ZDI-18-1021 // CNVD: CNVD-2019-03306 // VULHUB: VHN-125008 // JVNDB: JVNDB-2018-010414 // CNNVD: CNNVD-201809-577 // NVD: CVE-2018-14811

PROBLEMTYPE DATA

problemtype:CWE-476

Trust: 1.9

problemtype:CWE-822

Trust: 1.0

sources: VULHUB: VHN-125008 // JVNDB: JVNDB-2018-010414 // NVD: CVE-2018-14811

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201809-577

TYPE

Code problem

Trust: 0.8

sources: IVD: 7d85de80-463f-11e9-8522-000c29342cb1 // CNNVD: CNNVD-201809-577

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-010414

PATCH
title:Fuji Electric has issued an update to correct this vulnerability.url:https://ics-cert.us-cert.gov/advisories/ICSA-18-254-01
Trust: 3.5
title:トップページurl:https://www.fujielectric.co.jp/
Trust: 0.8
title:Fuji Electric V-Server releases patches for reusing vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/152185
Trust: 0.6
title:Fuji Electric V-Server VPR Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=84844
Trust: 0.6
sources:
            
            
            ZDI: ZDI-18-1014 // 
            
            
            
            ZDI: ZDI-18-1011 // 
            
            
            
            ZDI: ZDI-18-1020 // 
            
            
            
            ZDI: ZDI-18-1022 // 
            
            
            
            ZDI: ZDI-18-1021 // 
            
            
            
            CNVD: CNVD-2019-03306 // 
            
            
            
            JVNDB: JVNDB-2018-010414 // 
            
            
            
            CNNVD: CNNVD-201809-577

EXTERNAL IDS
db:NVDid:CVE-2018-14811
Trust: 7.1
db:ICS CERTid:ICSA-18-254-01
Trust: 2.8
db:BIDid:105341
Trust: 2.6
db:CNNVDid:CNNVD-201809-577
Trust: 0.9
db:CNVDid:CNVD-2019-03306
Trust: 0.8
db:JVNDBid:JVNDB-2018-010414
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-5880
Trust: 0.7
db:ZDIid:ZDI-18-1014
Trust: 0.7
db:ZDI_CANid:ZDI-CAN-5878
Trust: 0.7
db:ZDIid:ZDI-18-1011
Trust: 0.7
db:ZDI_CANid:ZDI-CAN-5886
Trust: 0.7
db:ZDIid:ZDI-18-1020
Trust: 0.7
db:ZDI_CANid:ZDI-CAN-5888
Trust: 0.7
db:ZDIid:ZDI-18-1022
Trust: 0.7
db:ZDI_CANid:ZDI-CAN-5887
Trust: 0.7
db:ZDIid:ZDI-18-1021
Trust: 0.7
db:IVDid:7D85DE80-463F-11E9-8522-000C29342CB1
Trust: 0.2
db:VULHUBid:VHN-125008
Trust: 0.1
sources:
            
            
            IVD: 7d85de80-463f-11e9-8522-000c29342cb1 // 
            
            
            
            ZDI: ZDI-18-1014 // 
            
            
            
            ZDI: ZDI-18-1011 // 
            
            
            
            ZDI: ZDI-18-1020 // 
            
            
            
            ZDI: ZDI-18-1022 // 
            
            
            
            ZDI: ZDI-18-1021 // 
            
            
            
            CNVD: CNVD-2019-03306 // 
            
            
            
            VULHUB: VHN-125008 // 
            
            
            
            BID: 105341 // 
            
            
            
            JVNDB: JVNDB-2018-010414 // 
            
            
            
            CNNVD: CNNVD-201809-577 // 
            
            
            
            NVD: CVE-2018-14811

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-18-254-01
Trust: 6.3
url:http://www.securityfocus.com/bid/105341
Trust: 2.3
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-14811
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-14811
Trust: 0.8
url:http://www.fujielectric.com/
Trust: 0.3
sources:
            
            
            ZDI: ZDI-18-1014 // 
            
            
            
            ZDI: ZDI-18-1011 // 
            
            
            
            ZDI: ZDI-18-1020 // 
            
            
            
            ZDI: ZDI-18-1022 // 
            
            
            
            ZDI: ZDI-18-1021 // 
            
            
            
            CNVD: CNVD-2019-03306 // 
            
            
            
            VULHUB: VHN-125008 // 
            
            
            
            BID: 105341 // 
            
            
            
            JVNDB: JVNDB-2018-010414 // 
            
            
            
            CNNVD: CNNVD-201809-577 // 
            
            
            
            NVD: CVE-2018-14811

CREDITS
Steven Seeley (mr_me) of Source Incite
Trust: 3.5
sources:
            
            
            ZDI: ZDI-18-1014 // 
            
            
            
            ZDI: ZDI-18-1011 // 
            
            
            
            ZDI: ZDI-18-1020 // 
            
            
            
            ZDI: ZDI-18-1022 // 
            
            
            
            ZDI: ZDI-18-1021

SOURCES
db:IVDid:7d85de80-463f-11e9-8522-000c29342cb1
db:ZDIid:ZDI-18-1014
db:ZDIid:ZDI-18-1011
db:ZDIid:ZDI-18-1020
db:ZDIid:ZDI-18-1022
db:ZDIid:ZDI-18-1021
db:CNVDid:CNVD-2019-03306
db:VULHUBid:VHN-125008
db:BIDid:105341
db:JVNDBid:JVNDB-2018-010414
db:CNNVDid:CNNVD-201809-577
db:NVDid:CVE-2018-14811

LAST UPDATE DATE
2024-11-23T21:38:23.937000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-18-1014date:2018-09-12T00:00:00
db:ZDIid:ZDI-18-1011date:2018-09-12T00:00:00
db:ZDIid:ZDI-18-1020date:2018-09-12T00:00:00
db:ZDIid:ZDI-18-1022date:2018-09-12T00:00:00
db:ZDIid:ZDI-18-1021date:2018-09-12T00:00:00
db:CNVDid:CNVD-2019-03306date:2019-01-30T00:00:00
db:VULHUBid:VHN-125008date:2019-10-09T00:00:00
db:BIDid:105341date:2018-09-11T00:00:00
db:JVNDBid:JVNDB-2018-010414date:2018-12-13T00:00:00
db:CNNVDid:CNNVD-201809-577date:2019-10-17T00:00:00
db:NVDid:CVE-2018-14811date:2024-11-21T03:49:50.773

SOURCES RELEASE DATE
db:IVDid:7d85de80-463f-11e9-8522-000c29342cb1date:2019-01-30T00:00:00
db:ZDIid:ZDI-18-1014date:2018-09-12T00:00:00
db:ZDIid:ZDI-18-1011date:2018-09-12T00:00:00
db:ZDIid:ZDI-18-1020date:2018-09-12T00:00:00
db:ZDIid:ZDI-18-1022date:2018-09-12T00:00:00
db:ZDIid:ZDI-18-1021date:2018-09-12T00:00:00
db:CNVDid:CNVD-2019-03306date:2019-01-30T00:00:00
db:VULHUBid:VHN-125008date:2018-09-26T00:00:00
db:BIDid:105341date:2018-09-11T00:00:00
db:JVNDBid:JVNDB-2018-010414date:2018-12-13T00:00:00
db:CNNVDid:CNNVD-201809-577date:2018-09-13T00:00:00
db:NVDid:CVE-2018-14811date:2018-09-26T20:29:00.403