Details of VAR-201810-0401

ID

VAR-201810-0401

CVE

CVE-2018-14828

TITLE

Advantech WebAccess Improper Rights Management Vulnerability

Trust: 0.8

sources: IVD: e2fec8d1-39ab-11e9-b5cc-000c29342cb1 // CNVD: CNVD-2018-21934

DESCRIPTION

Advantech WebAccess 8.3.1 and earlier has an improper privilege management vulnerability, which may allow an attacker to access those files and perform actions at a system administrator level. Advantech WebAccess Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows local attackers to escalate privileges on vulnerable installations of Advantech WebAccess Node. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the access control that is set and modified during the installation of the product. The product installation weakens access control restrictions of pre-existing system files and sets weak access control restrictions on new files. Advantech (Advantech) WebAccess software is the core of Advantech's IoT application platform solution, providing users with a user interface based on HTML5 technology to achieve cross-platform and cross-browser data access experience. Advantech WebAccess has an improper rights management vulnerability. Advantech WebAccess is prone to the following security vulnerabilities: 1. A stack-based buffer overflow vulnerability 2. A directory-traversal vulnerability 3. An arbitrary-file-deletion vulnerability 4. This may aid in further attacks. Advantech WebAccess 8.3.1 and prior versions are vulnerable. Advantech WebAccess is a browser-based HMI/SCADA software developed by Advantech. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment

Trust: 3.33

sources: NVD: CVE-2018-14828 // JVNDB: JVNDB-2018-011087 // ZDI: ZDI-18-1319 // CNVD: CNVD-2018-21934 // BID: 105728 // IVD: e2fec8d1-39ab-11e9-b5cc-000c29342cb1 // VULHUB: VHN-125026

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: e2fec8d1-39ab-11e9-b5cc-000c29342cb1 // CNVD: CNVD-2018-21934

AFFECTED PRODUCTS

vendor:	advantech	model:	webaccess	scope:	lte	version:	8.3.1	Trust: 1.8
vendor:	advantech	model:	webaccess	scope:	eq	version:	8.3.1	Trust: 0.9
vendor:	advantech	model:	webaccess	scope:	-	version:	-	Trust: 0.7
vendor:	advantech	model:	webaccess	scope:	lte	version:	<=8.3.1	Trust: 0.6
vendor:	advantech	model:	webaccess	scope:	eq	version:	8.3	Trust: 0.3
vendor:	advantech	model:	webaccess	scope:	eq	version:	8.2	Trust: 0.3
vendor:	advantech	model:	webaccess	scope:	eq	version:	8.1	Trust: 0.3
vendor:	advantech	model:	webaccess	scope:	eq	version:	8	Trust: 0.3
vendor:	advantech	model:	webaccess	scope:	ne	version:	8.3.3	Trust: 0.3
vendor:	webaccess	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: e2fec8d1-39ab-11e9-b5cc-000c29342cb1 // ZDI: ZDI-18-1319 // CNVD: CNVD-2018-21934 // BID: 105728 // JVNDB: JVNDB-2018-011087 // CNNVD: CNNVD-201810-1190 // NVD: CVE-2018-14828

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-14828
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-14828
value:	HIGH
Trust: 0.8
ZDI:	CVE-2018-14828
value:	HIGH
Trust: 0.7
CNVD:	CNVD-2018-21934
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201810-1190
value:	HIGH
Trust: 0.6
IVD:	e2fec8d1-39ab-11e9-b5cc-000c29342cb1
value:	HIGH
Trust: 0.2
VULHUB:	VHN-125026
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-14828
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-21934
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	e2fec8d1-39ab-11e9-b5cc-000c29342cb1
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-125026
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-14828
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.8
ZDI:	CVE-2018-14828
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 0.7

sources: IVD: e2fec8d1-39ab-11e9-b5cc-000c29342cb1 // ZDI: ZDI-18-1319 // CNVD: CNVD-2018-21934 // VULHUB: VHN-125026 // JVNDB: JVNDB-2018-011087 // CNNVD: CNNVD-201810-1190 // NVD: CVE-2018-14828

PROBLEMTYPE DATA

problemtype:	CWE-269	Trust: 1.1
problemtype:	CWE-264	Trust: 0.9

sources: VULHUB: VHN-125026 // JVNDB: JVNDB-2018-011087 // NVD: CVE-2018-14828

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201810-1190

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-201810-1190

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-011087

PATCH

title:	トップページ	url:	https://www.advantech.co.jp/	Trust: 0.8
title:	Advantech has issued an update to correct this vulnerability.	url:	https://ics-cert.us-cert.gov/advisories/ICSA-18-296-01	Trust: 0.7
title:	Patch for Advantech WebAccess Improper Rights Management Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/143391	Trust: 0.6
title:	Advantech WebAccess Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86282	Trust: 0.6

sources: ZDI: ZDI-18-1319 // CNVD: CNVD-2018-21934 // JVNDB: JVNDB-2018-011087 // CNNVD: CNNVD-201810-1190

EXTERNAL IDS

db:	NVD	id:	CVE-2018-14828	Trust: 4.3
db:	ICS CERT	id:	ICSA-18-296-01	Trust: 3.4
db:	BID	id:	105728	Trust: 2.6
db:	SECTRACK	id:	1041939	Trust: 1.7
db:	CNNVD	id:	CNNVD-201810-1190	Trust: 0.9
db:	CNVD	id:	CNVD-2018-21934	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-011087	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-6828	Trust: 0.7
db:	ZDI	id:	ZDI-18-1319	Trust: 0.7
db:	IVD	id:	E2FEC8D1-39AB-11E9-B5CC-000C29342CB1	Trust: 0.2
db:	VULHUB	id:	VHN-125026	Trust: 0.1

sources: IVD: e2fec8d1-39ab-11e9-b5cc-000c29342cb1 // ZDI: ZDI-18-1319 // CNVD: CNVD-2018-21934 // VULHUB: VHN-125026 // BID: 105728 // JVNDB: JVNDB-2018-011087 // CNNVD: CNNVD-201810-1190 // NVD: CVE-2018-14828

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-18-296-01	Trust: 3.0
url:	http://www.securityfocus.com/bid/105728	Trust: 1.7
url:	http://www.securitytracker.com/id/1041939	Trust: 1.7
url:	https://ics-cert.us-cert.gov/advisories/icsa-18-296-01%2c	Trust: 1.0
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-14828	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-14828	Trust: 0.8
url:	http://webaccess.advantech.com	Trust: 0.3
url:	https://ics-cert.us-cert.gov/advisories/icsa-18-296-01,	Trust: 0.1

sources: ZDI: ZDI-18-1319 // CNVD: CNVD-2018-21934 // VULHUB: VHN-125026 // BID: 105728 // JVNDB: JVNDB-2018-011087 // CNNVD: CNNVD-201810-1190 // NVD: CVE-2018-14828

CREDITS

Fritz Sands of Trend Micro Zero Day Initiative

Trust: 0.7

sources: ZDI: ZDI-18-1319

SOURCES

db:	IVD	id:	e2fec8d1-39ab-11e9-b5cc-000c29342cb1
db:	ZDI	id:	ZDI-18-1319
db:	CNVD	id:	CNVD-2018-21934
db:	VULHUB	id:	VHN-125026
db:	BID	id:	105728
db:	JVNDB	id:	JVNDB-2018-011087
db:	CNNVD	id:	CNNVD-201810-1190
db:	NVD	id:	CVE-2018-14828

LAST UPDATE DATE

2024-08-14T14:32:56.232000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-18-1319	date:	2018-10-25T00:00:00
db:	CNVD	id:	CNVD-2018-21934	date:	2018-10-28T00:00:00
db:	VULHUB	id:	VHN-125026	date:	2019-10-09T00:00:00
db:	BID	id:	105728	date:	2018-10-23T00:00:00
db:	JVNDB	id:	JVNDB-2018-011087	date:	2019-01-07T00:00:00
db:	CNNVD	id:	CNNVD-201810-1190	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-14828	date:	2023-11-07T02:53:02.377

SOURCES RELEASE DATE

db:	IVD	id:	e2fec8d1-39ab-11e9-b5cc-000c29342cb1	date:	2018-10-28T00:00:00
db:	ZDI	id:	ZDI-18-1319	date:	2018-10-25T00:00:00
db:	CNVD	id:	CNVD-2018-21934	date:	2018-10-28T00:00:00
db:	VULHUB	id:	VHN-125026	date:	2018-10-23T00:00:00
db:	BID	id:	105728	date:	2018-10-23T00:00:00
db:	JVNDB	id:	JVNDB-2018-011087	date:	2019-01-07T00:00:00
db:	CNNVD	id:	CNNVD-201810-1190	date:	2018-10-24T00:00:00
db:	NVD	id:	CVE-2018-14828	date:	2018-10-23T20:29:00.717