Details of VAR-201908-0865

ID

VAR-201908-0865

CVE

CVE-2019-13513

TITLE

Delta Industrial Automation DOPSoft DPA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

Trust: 3.5

sources: ZDI: ZDI-19-722 // ZDI: ZDI-19-720 // ZDI: ZDI-19-718 // ZDI: ZDI-19-719 // ZDI: ZDI-19-721

DESCRIPTION

In Delta Industrial Automation DOPSoft, Version 4.00.06.15 and prior, processing a specially crafted project file may trigger multiple out-of-bounds read vulnerabilities, which may allow information disclosure, remote code execution, or crash of the application. Delta Industrial Automation DOPSoft Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on affected instances of Delta Industrial Automation DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of DPA files. The issue results from the lack of proper validation of user-supplied data, which can result in a read before the start of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Delta Electronics Industrial Automation DOPSoft is a set of human-machine interface (HMI) software from Taiwan's Delta Electronics (Delta Electronics) company. The vulnerability originated when the network system or product performed operations on the memory, and the data boundary was not correctly verified, resulting in an incorrect execution of the associated other memory location. For read and write operations, an attacker can use this vulnerability to cause a buffer overflow or heap overflow

Trust: 5.31

sources: NVD: CVE-2019-13513 // JVNDB: JVNDB-2019-008435 // ZDI: ZDI-19-722 // ZDI: ZDI-19-720 // ZDI: ZDI-19-718 // ZDI: ZDI-19-719 // ZDI: ZDI-19-721 // CNVD: CNVD-2020-17022

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2020-17022

AFFECTED PRODUCTS

vendor:	delta industrial automation	model:	dopsoft	scope:	-	version:	-	Trust: 3.5
vendor:	deltaww	model:	delta industrial automation dopsoft	scope:	lte	version:	4.00.06.15	Trust: 1.0
vendor:	delta	model:	industrial automation dopsoft	scope:	lte	version:	4.00.06.15	Trust: 0.8
vendor:	delta	model:	electronics delta industrial automation dopsoft	scope:	lte	version:	<=4.00.06.15	Trust: 0.6

sources: ZDI: ZDI-19-722 // ZDI: ZDI-19-720 // ZDI: ZDI-19-718 // ZDI: ZDI-19-719 // ZDI: ZDI-19-721 // CNVD: CNVD-2020-17022 // JVNDB: JVNDB-2019-008435 // NVD: CVE-2019-13513

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI:	CVE-2019-13513
value:	HIGH
Trust: 3.5
nvd@nist.gov:	CVE-2019-13513
value:	HIGH
Trust: 1.0
NVD:	CVE-2019-13513
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2020-17022
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201908-939
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2019-13513
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2020-17022
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

ZDI:	CVE-2019-13513
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 3.5
nvd@nist.gov:	CVE-2019-13513
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2019-13513
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

PROBLEMTYPE DATA

problemtype:

CWE-125

Trust: 1.8

sources: JVNDB: JVNDB-2019-008435 // NVD: CVE-2019-13513

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201908-939

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201908-939

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-008435

PATCH

title:	Delta Industrial Automation has issued an update to correct this vulnerability.	url:	https://www.us-cert.gov/ics/advisories/icsa-19-225-01	Trust: 3.5
title:	Top Page	url:	http://www.deltaww.com/	Trust: 0.8
title:	Patch for Delta Industrial Automation DOPSoft buffer overflow vulnerability (CNVD-2020-17022)	url:	https://www.cnvd.org.cn/patchInfo/show/208771	Trust: 0.6
title:	Delta Industrial Automation DOPSoft Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=96622	Trust: 0.6

EXTERNAL IDS

db:	NVD	id:	CVE-2019-13513	Trust: 6.5
db:	ICS CERT	id:	ICSA-19-225-01	Trust: 3.0
db:	ZDI	id:	ZDI-19-722	Trust: 2.3
db:	ZDI	id:	ZDI-19-720	Trust: 2.3
db:	ZDI	id:	ZDI-19-718	Trust: 2.3
db:	ZDI	id:	ZDI-19-719	Trust: 2.3
db:	ZDI	id:	ZDI-19-721	Trust: 2.3
db:	JVNDB	id:	JVNDB-2019-008435	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-8282	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-8253	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-8251	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-8252	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-8254	Trust: 0.7
db:	CNVD	id:	CNVD-2020-17022	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.3104	Trust: 0.6
db:	CNNVD	id:	CNNVD-201908-939	Trust: 0.6

REFERENCES

url:	https://www.us-cert.gov/ics/advisories/icsa-19-225-01	Trust: 7.1
url:	https://www.zerodayinitiative.com/advisories/zdi-19-722/	Trust: 2.2
url:	https://www.zerodayinitiative.com/advisories/zdi-19-719/	Trust: 1.6
url:	https://www.zerodayinitiative.com/advisories/zdi-19-718/	Trust: 1.6
url:	https://www.zerodayinitiative.com/advisories/zdi-19-720/	Trust: 1.6
url:	https://www.zerodayinitiative.com/advisories/zdi-19-721/	Trust: 1.6
url:	https://nvd.nist.gov/vuln/detail/cve-2019-13513	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-13513	Trust: 0.8
url:	https://www.auscert.org.au/bulletins/esb-2019.3104/	Trust: 0.6

CREDITS

kimiya of 9SG Security Team - kimiya@9sgsec.com

Trust: 4.1

sources: ZDI: ZDI-19-722 // ZDI: ZDI-19-720 // ZDI: ZDI-19-718 // ZDI: ZDI-19-719 // ZDI: ZDI-19-721 // CNNVD: CNNVD-201908-939

SOURCES

db:	ZDI	id:	ZDI-19-722
db:	ZDI	id:	ZDI-19-720
db:	ZDI	id:	ZDI-19-718
db:	ZDI	id:	ZDI-19-719
db:	ZDI	id:	ZDI-19-721
db:	CNVD	id:	CNVD-2020-17022
db:	JVNDB	id:	JVNDB-2019-008435
db:	CNNVD	id:	CNNVD-201908-939
db:	NVD	id:	CVE-2019-13513

LAST UPDATE DATE

2024-11-23T21:59:47.164000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-19-722	date:	2019-08-16T00:00:00
db:	ZDI	id:	ZDI-19-720	date:	2019-08-16T00:00:00
db:	ZDI	id:	ZDI-19-718	date:	2019-08-16T00:00:00
db:	ZDI	id:	ZDI-19-719	date:	2019-08-16T00:00:00
db:	ZDI	id:	ZDI-19-721	date:	2019-08-16T00:00:00
db:	CNVD	id:	CNVD-2020-17022	date:	2020-03-13T00:00:00
db:	JVNDB	id:	JVNDB-2019-008435	date:	2019-08-30T00:00:00
db:	CNNVD	id:	CNNVD-201908-939	date:	2019-09-03T00:00:00
db:	NVD	id:	CVE-2019-13513	date:	2024-11-21T04:25:02.860

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-19-722	date:	2019-08-16T00:00:00
db:	ZDI	id:	ZDI-19-720	date:	2019-08-16T00:00:00
db:	ZDI	id:	ZDI-19-718	date:	2019-08-16T00:00:00
db:	ZDI	id:	ZDI-19-719	date:	2019-08-16T00:00:00
db:	ZDI	id:	ZDI-19-721	date:	2019-08-16T00:00:00
db:	CNVD	id:	CNVD-2020-17022	date:	2020-03-13T00:00:00
db:	JVNDB	id:	JVNDB-2019-008435	date:	2019-08-30T00:00:00
db:	CNNVD	id:	CNNVD-201908-939	date:	2019-08-13T00:00:00
db:	NVD	id:	CVE-2019-13513	date:	2019-08-15T19:15:11.090