Details of VAR-201901-0452

ID

VAR-201901-0452

CVE

CVE-2018-10612

TITLE

3S-Smart Software Solutions GmbH CODESYS Control V3 Access control vulnerabilities in products

Trust: 0.8

sources: JVNDB: JVNDB-2018-014602

DESCRIPTION

In 3S-Smart Software Solutions GmbH CODESYS Control V3 products prior to version 3.5.14.0, user access management and communication encryption is not enabled by default, which could allow an attacker access to the device and sensitive information, including user credentials. 3S-Smart CODESYS Control for BeagleBone, etc. are all German 3S-Smart Software Solutions company's programming software for industrial control system development. The following products and versions are affected: 3S-Smart CODESYS Control for BeagleBone, CODESYS Control for emPC-A / iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control RTE V3, CODESYS Control RTE V3 (for Beckhoff CX), CODESYS Control Win V3 (part of CODESYS setup), CODESYS V3 Simulation Runtime (part of CODESYS Development System), CODESYS Control V3 Runtime System Toolkit, CODESYS HMI V3. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Successful exploitation may aid in launching further attacks

Trust: 2.52

sources: NVD: CVE-2018-10612 // JVNDB: JVNDB-2018-014602 // CNNVD: CNNVD-201812-788 // BID: 106248 // VULMON: CVE-2018-10612

AFFECTED PRODUCTS

vendor:	codesys	model:	control for empc-a\/imx6 sl	scope:	gte	version:	3.0	Trust: 1.0
vendor:	codesys	model:	control for pfc100 sl	scope:	lt	version:	3.5.14.0	Trust: 1.0
vendor:	codesys	model:	control for beaglebone sl	scope:	lt	version:	3.5.14.0	Trust: 1.0
vendor:	codesys	model:	control rte sl	scope:	lt	version:	3.5.14.0	Trust: 1.0
vendor:	codesys	model:	control runtime toolkit	scope:	gte	version:	3.0	Trust: 1.0
vendor:	codesys	model:	control for raspberry pi sl	scope:	gte	version:	3.0	Trust: 1.0
vendor:	codesys	model:	development system v3	scope:	lt	version:	3.5.14.0	Trust: 1.0
vendor:	codesys	model:	hmi sl	scope:	gte	version:	3.0	Trust: 1.0
vendor:	codesys	model:	control for empc-a\/imx6 sl	scope:	lt	version:	3.5.14.0	Trust: 1.0
vendor:	codesys	model:	control for pfc100 sl	scope:	gte	version:	3.0	Trust: 1.0
vendor:	codesys	model:	control for beaglebone sl	scope:	gte	version:	3.0	Trust: 1.0
vendor:	codesys	model:	control for linux sl	scope:	gte	version:	3.0	Trust: 1.0
vendor:	codesys	model:	control for iot2000 sl	scope:	gte	version:	3.0	Trust: 1.0
vendor:	codesys	model:	control for pfc200 sl	scope:	gte	version:	3.0	Trust: 1.0
vendor:	codesys	model:	control runtime toolkit	scope:	lt	version:	3.5.14.0	Trust: 1.0
vendor:	codesys	model:	control rte sl	scope:	gte	version:	3.0	Trust: 1.0
vendor:	codesys	model:	control for raspberry pi sl	scope:	lt	version:	3.5.14.0	Trust: 1.0
vendor:	codesys	model:	development system v3	scope:	gte	version:	3.0	Trust: 1.0
vendor:	codesys	model:	hmi sl	scope:	lt	version:	3.5.14.0	Trust: 1.0
vendor:	codesys	model:	control win sl	scope:	lt	version:	3.5.14.0	Trust: 1.0
vendor:	codesys	model:	control for linux sl	scope:	lt	version:	3.5.14.0	Trust: 1.0
vendor:	codesys	model:	control win sl	scope:	gte	version:	3.0	Trust: 1.0
vendor:	codesys	model:	control for iot2000 sl	scope:	lt	version:	3.5.14.0	Trust: 1.0
vendor:	codesys	model:	control for pfc200 sl	scope:	lt	version:	3.5.14.0	Trust: 1.0
vendor:	3s smart	model:	codesys control for beaglebone	scope:	lt	version:	3.5.14.0	Trust: 0.8
vendor:	3s smart	model:	codesys control for empc-a/imx6	scope:	lt	version:	3.5.14.0	Trust: 0.8
vendor:	3s smart	model:	codesys control for iot2000	scope:	lt	version:	3.5.14.0	Trust: 0.8
vendor:	3s smart	model:	codesys control for linux	scope:	lt	version:	3.5.14.0	Trust: 0.8
vendor:	3s smart	model:	codesys control for pfc100	scope:	lt	version:	3.5.14.0	Trust: 0.8
vendor:	3s smart	model:	codesys control for pfc200	scope:	lt	version:	3.5.14.0	Trust: 0.8
vendor:	3s smart	model:	codesys control for raspberry pi	scope:	lt	version:	3.5.14.0	Trust: 0.8
vendor:	3s smart	model:	codesys control rte v3	scope:	lt	version:	3.5.14.0	Trust: 0.8
vendor:	3s smart	model:	codesys control runtime toolkit	scope:	lt	version:	3.5.14.0	Trust: 0.8
vendor:	3s smart	model:	codesys control win sl	scope:	lt	version:	3.5.14.0	Trust: 0.8
vendor:	3s	model:	codesys simulation runtime	scope:	eq	version:	v30	Trust: 0.3
vendor:	3s	model:	codesys hmi	scope:	eq	version:	3	Trust: 0.3
vendor:	3s	model:	codesys control runtime system toolkit	scope:	eq	version:	v30	Trust: 0.3
vendor:	3s	model:	codesys control rte	scope:	eq	version:	3	Trust: 0.3
vendor:	3s	model:	codesys control for raspberry pi	scope:	eq	version:	0	Trust: 0.3
vendor:	3s	model:	codesys control for pfc200	scope:	eq	version:	0	Trust: 0.3
vendor:	3s	model:	codesys control for pfc100	scope:	eq	version:	0	Trust: 0.3
vendor:	3s	model:	codesys control for linux	scope:	eq	version:	0	Trust: 0.3
vendor:	3s	model:	codesys control for iot2000	scope:	eq	version:	0	Trust: 0.3
vendor:	3s	model:	codesys control for empc-a/imx6	scope:	eq	version:	0	Trust: 0.3
vendor:	3s	model:	codesys control for beaglebone	scope:	eq	version:	0	Trust: 0.3
vendor:	3s	model:	codesys control	scope:	ne	version:	v33.5.14.0	Trust: 0.3

sources: BID: 106248 // JVNDB: JVNDB-2018-014602 // NVD: CVE-2018-10612

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-10612
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2018-10612
value:	CRITICAL
Trust: 0.8
CNNVD:	CNNVD-201812-788
value:	CRITICAL
Trust: 0.6
VULMON:	CVE-2018-10612
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-10612
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9

nvd@nist.gov:	CVE-2018-10612
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: VULMON: CVE-2018-10612 // JVNDB: JVNDB-2018-014602 // CNNVD: CNNVD-201812-788 // NVD: CVE-2018-10612

PROBLEMTYPE DATA

problemtype:	CWE-284	Trust: 1.8
problemtype:	CWE-311	Trust: 1.0
problemtype:	CWE-732	Trust: 1.0

sources: JVNDB: JVNDB-2018-014602 // NVD: CVE-2018-10612

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201812-788

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-201812-788

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-014602

PATCH

title:	Top Page	url:	https://www.codesys.com/	Trust: 0.8
title:	Multiple 3S-Smart Software Solutions Product access control error vulnerability fixes	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=87999	Trust: 0.6

sources: JVNDB: JVNDB-2018-014602 // CNNVD: CNNVD-201812-788

EXTERNAL IDS

db:	ICS CERT	id:	ICSA-18-352-03	Trust: 2.8
db:	NVD	id:	CVE-2018-10612	Trust: 2.8
db:	BID	id:	106248	Trust: 2.0
db:	JVNDB	id:	JVNDB-2018-014602	Trust: 0.8
db:	CNNVD	id:	CNNVD-201812-788	Trust: 0.6
db:	VULMON	id:	CVE-2018-10612	Trust: 0.1

sources: VULMON: CVE-2018-10612 // BID: 106248 // JVNDB: JVNDB-2018-014602 // CNNVD: CNNVD-201812-788 // NVD: CVE-2018-10612

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-18-352-03	Trust: 2.9
url:	http://www.securityfocus.com/bid/106248	Trust: 2.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-10612	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-10612	Trust: 0.8
url:	https://www.codesys.com/	Trust: 0.3
url:	https://customers.codesys.com/fileadmin/data/customers/security/codesys-security-whitepaper.pdf	Trust: 0.3
url:	https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-035-codesys-control-v3-access-control-inactive-by-default/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/311.html	Trust: 0.1
url:	https://cwe.mitre.org/data/definitions/732.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULMON: CVE-2018-10612 // BID: 106248 // JVNDB: JVNDB-2018-014602 // CNNVD: CNNVD-201812-788 // NVD: CVE-2018-10612

CREDITS

Yury Serdyuk of Kaspersky Lab

Trust: 0.3

sources: BID: 106248

SOURCES

db:	VULMON	id:	CVE-2018-10612
db:	BID	id:	106248
db:	JVNDB	id:	JVNDB-2018-014602
db:	CNNVD	id:	CNNVD-201812-788
db:	NVD	id:	CVE-2018-10612

LAST UPDATE DATE

2024-11-23T22:58:47.443000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2018-10612	date:	2019-10-09T00:00:00
db:	BID	id:	106248	date:	2018-12-18T00:00:00
db:	JVNDB	id:	JVNDB-2018-014602	date:	2019-03-29T00:00:00
db:	CNNVD	id:	CNNVD-201812-788	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-10612	date:	2024-11-21T03:41:39.853

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2018-10612	date:	2019-01-29T00:00:00
db:	BID	id:	106248	date:	2018-12-18T00:00:00
db:	JVNDB	id:	JVNDB-2018-014602	date:	2019-03-29T00:00:00
db:	CNNVD	id:	CNNVD-201812-788	date:	2018-12-19T00:00:00
db:	NVD	id:	CVE-2018-10612	date:	2019-01-29T16:29:00.247