Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 5 |
CVE-ID | CVE-2018-0228 CVE-2018-0227 CVE-2018-0231 CVE-2018-0240 CVE-2018-0296 |
CWE-ID | CWE-400 CWE-295 CWE-124 CWE-840 CWE-23 |
Exploitation vector | Network |
Public exploit | Vulnerability #5 is being exploited in the wild. |
Vulnerable software Subscribe |
Allen-Bradley Stratix 5950 1783-SAD2T2SPK9 Hardware solutions / Routers & switches, VoIP, GSM, etc Allen-Bradley Stratix 5950 1783-SAD2T2SBK9 Hardware solutions / Routers & switches, VoIP, GSM, etc Allen-Bradley Stratix 5950 1783-SAD4T0SPK9 Hardware solutions / Routers & switches, VoIP, GSM, etc Allen-Bradley Stratix 5950 1783-SAD4T0SBK9 Hardware solutions / Routers & switches, VoIP, GSM, etc |
Vendor | Rockwell Automation |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
EUVDB-ID: #VU12091
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-0228
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.
The weakness exists in the ingress flow creation functionality due to incorrect handling of an internal software lock that can prevent other system processes from getting CPU cycles, causing a high CPU condition. A remote attacker can send a steady stream of malicious IP packets that can cause connections to be created, exhaust CPU resources and cause the service to crash.
Cybersecurity Help is currently unaware of any solutions addressing the vulnerability.
Vulnerable software versionsAllen-Bradley Stratix 5950 1783-SAD2T2SPK9: All versions
Allen-Bradley Stratix 5950 1783-SAD2T2SBK9: All versions
Allen-Bradley Stratix 5950 1783-SAD4T0SPK9: All versions
Allen-Bradley Stratix 5950 1783-SAD4T0SBK9: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/ICSA-18-184-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU12092
Risk: Low
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-0227
CWE-ID:
CWE-295 - Improper Certificate Validation
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated attacker to bypass security restrictions on the target system.
The weakness exists in the Secure Sockets Layer (SSL) Virtual Private Network (VPN) Client Certificate Authentication feature due to incorrect verification of the SSL Client Certificate. A remote attacker can connect to the ASA VPN without a proper private key and certificate pair, establish an SSL VPN connection to the ASA when the connection should have been rejected and bypass certain SSL certificate verification steps.
Cybersecurity Help is currently unaware of any solutions addressing the vulnerability.
Vulnerable software versionsAllen-Bradley Stratix 5950 1783-SAD2T2SPK9: All versions
Allen-Bradley Stratix 5950 1783-SAD2T2SBK9: All versions
Allen-Bradley Stratix 5950 1783-SAD4T0SPK9: All versions
Allen-Bradley Stratix 5950 1783-SAD4T0SBK9: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/ICSA-18-184-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU12090
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-0231
CWE-ID:
CWE-124 - Buffer Underwrite ('Buffer Underflow')
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.
The weakness exists in the Transport Layer Security (TLS) library due to insufficient validation of user-supplied input. A remote attacker can send a malicious TLS message to an interface enabled for Secure Layer Socket (SSL) service, trigger buffer underflow and cause the service to crash.
MitigationCybersecurity Help is currently unaware of any solutions addressing the vulnerability.
Vulnerable software versionsAllen-Bradley Stratix 5950 1783-SAD2T2SPK9: All versions
Allen-Bradley Stratix 5950 1783-SAD2T2SBK9: All versions
Allen-Bradley Stratix 5950 1783-SAD4T0SPK9: All versions
Allen-Bradley Stratix 5950 1783-SAD4T0SBK9: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/ICSA-18-184-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU12089
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-0240
CWE-ID:
CWE-840 - Business Logic Errors (3.0)
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.
The weakness exists in the Application Layer Protocol Inspection feature due to logical errors during traffic inspection. A remote attacker can send a high volume of malicious traffic, trigger a deadlock condition and cause the service to crash.
Cybersecurity Help is currently unaware of any solutions addressing the vulnerability.
Vulnerable software versionsAllen-Bradley Stratix 5950 1783-SAD2T2SPK9: All versions
Allen-Bradley Stratix 5950 1783-SAD2T2SBK9: All versions
Allen-Bradley Stratix 5950 1783-SAD4T0SPK9: All versions
Allen-Bradley Stratix 5950 1783-SAD4T0SBK9: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/ICSA-18-184-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU13246
Risk: Medium
CVSSv3.1: 8.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H/E:H/RL:O/RC:C]
CVE-ID: CVE-2018-0296
CWE-ID:
CWE-23 - Relative Path Traversal
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists in the web interface of the Cisco Adaptive Security Appliance (ASA) due to lack of proper input validation of the HTTP URL. A remote attacker can send a specially crafted HTTP request and cause the device to reload unexpectedly or read contest of arbitrary file on the system using directory traversal sequences.
MitigationCybersecurity Help is currently unaware of any solutions addressing the vulnerability.
Vulnerable software versionsAllen-Bradley Stratix 5950 1783-SAD2T2SPK9: All versions
Allen-Bradley Stratix 5950 1783-SAD2T2SBK9: All versions
Allen-Bradley Stratix 5950 1783-SAD4T0SPK9: All versions
Allen-Bradley Stratix 5950 1783-SAD4T0SBK9: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/ICSA-18-184-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.