Multiple vulnerabilities in Delta Industrial Automation DOPSoft



Published: 2018-06-01
Risk High
Patch available YES
Number of vulnerabilities 3
CVE-ID CVE-2018-10623
CVE-2018-10617
CVE-2018-10621
CWE-ID CWE-125
CWE-122
CWE-121
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Delta Industrial Automation DOPSoft
Client/Desktop applications / Other client software

Vendor Delta Electronics, Inc.

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Out-of-bounds read

EUVDB-ID: #VU13119

Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-10623

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The vulnerability exists due to the application performs read operations on a memory buffer where the position can be determined by a value read from a .dpa file. A remote unauthenticated attacker can bypass security restriction and cause improper restriction of operations within the bounds of the memory buffer, alter the intended control flow, read sensitive information, or cause the application to crash.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Delta Industrial Automation DOPSoft: All versions

External links

http://ics-cert.us-cert.gov/advisories/ICSA-18-151-01


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Heap-based buffer overflow

EUVDB-ID: #VU13120

Risk: High

CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-10617

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.

The vulnerability exists due to the application utilizes a fixed-length heap buffer where a value larger than the buffer can be read from a .dpa file into the buffer. A remote unauthenticated attacker can trigger heap-based buffer overflow and cause the service to crash or execute arbitrary code with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Delta Industrial Automation DOPSoft: All versions

External links

http://ics-cert.us-cert.gov/advisories/ICSA-18-151-01


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Stack-based buffer overflow

EUVDB-ID: #VU13121

Risk: High

CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-10621

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.

The vulnerability exists due to the application utilizes a fixed-length stack buffer where a value larger than the buffer can be read from a .dpa file into the buffer. A remote unauthenticated attacker can trigger stack-based buffer overflow and cause the service to crash or execute arbitrary code with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Delta Industrial Automation DOPSoft: All versions

External links

http://ics-cert.us-cert.gov/advisories/ICSA-18-151-01


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###