CVE-2018-14829

{"id": "CVE-2018-14829", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2018-09-20T19:29:00.690", "references": [{"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-263-02", "tags": ["Third Party Advisory", "US Government Resource"], "source": "ics-cert@hq.dhs.gov"}, {"url": "https://www.tenable.com/security/research/tra-2018-26", "tags": ["Exploit", "Third Party Advisory"], "source": "ics-cert@hq.dhs.gov"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}, {"type": "Secondary", "source": "ics-cert@hq.dhs.gov", "description": [{"lang": "en", "value": "CWE-121"}]}], "descriptions": [{"lang": "en", "value": "Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This vulnerability may allow a remote threat actor to intentionally send a malformed CIP packet to Port 44818, causing the software application to stop responding and crash. This vulnerability also has the potential to exploit a buffer overflow condition, which may allow the threat actor to remotely execute arbitrary code."}, {"lang": "es", "value": "Rockwell Automation RSLinx Classic en versiones 4.00.01 y anteriores. Esta vulnerabilidad podr\u00eda permitir que un actor de amenaza remoto env\u00ede de forma intencional un paquete CIP mal formado al puerto 44818, lo que provoca que la aplicaci\u00f3n deje de responder y se cierre inesperadamente. La vulnerabilidad tambi\u00e9n tiene potencial para explotar una condici\u00f3n de desbordamiento de b\u00fafer, lo que podr\u00eda permitir que el actor de amenaza ejecutar c\u00f3digo arbitrario de forma remota."}], "lastModified": "2019-10-09T23:35:18.107", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:rockwellautomation:rslinx:*:*:*:*:classic:*:*:*", "vulnerable": true, "matchCriteriaId": "8A2F3687-1906-476D-9947-B4A02AAA1E24", "versionEndIncluding": "4.00.01"}], "operator": "OR"}]}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}