Risk | High |
Patch available | YES |
Number of vulnerabilities | 6 |
CVE-ID | CVE-2019-10996 CVE-2019-10978 CVE-2019-10984 CVE-2019-10990 |
CWE-ID | CWE-416 CWE-125 CWE-822 CWE-321 CWE-119 CWE-121 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
Crimson Client/Desktop applications / Software for system administration |
Vendor | Red Lion Controls |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
EUVDB-ID: #VU20898
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-10996
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when processing CD31 files. A remote attacker can trick a victim to open a specially crafted file, that can reference memory after it has been freed and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCrimson: 3.0.207 - 3111.000
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-19-248-01
http://www.zerodayinitiative.com/advisories/ZDI-19-783/
http://www.zerodayinitiative.com/advisories/ZDI-19-788/
http://www.zerodayinitiative.com/advisories/ZDI-19-787/
http://www.zerodayinitiative.com/advisories/ZDI-19-797/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU20900
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-10978
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description
The vulnerability allows a remote attacker to disclose sensitive information on the target system.
The vulnerability exists due to a boundary error when processing CD31 files. A remote attacker can trick a victim to open a specially crafted file, trigger out-of-bounds read error and disclose sensitive information.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCrimson: 3.0.207 - 3111.000
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-19-248-01
http://www.zerodayinitiative.com/advisories/ZDI-19-796/
http://www.zerodayinitiative.com/advisories/ZDI-19-795/
http://www.zerodayinitiative.com/advisories/ZDI-19-790/
http://www.zerodayinitiative.com/advisories/ZDI-19-794/
http://www.zerodayinitiative.com/advisories/ZDI-19-792/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU20902
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-10984
CWE-ID:
CWE-822 - Untrusted Pointer Dereference
Exploit availability: No
DescriptionInstall updates from vendor's website.
Vulnerable software versionsCrimson: 3.0.207 - 3111.000
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-19-248-01
http://www.zerodayinitiative.com/advisories/ZDI-19-789/
http://www.zerodayinitiative.com/advisories/ZDI-19-786/
http://www.zerodayinitiative.com/advisories/ZDI-19-791/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU20903
Risk: Low
CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-10990
CWE-ID:
CWE-321 - Use of Hard-coded Cryptographic Key
Exploit availability: No
DescriptionInstall updates from vendor's website.
Vulnerable software versionsCrimson: 3.0.207 - 3111.000
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-19-248-01
http://www.zerodayinitiative.com/advisories/ZDI-19-785/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU20922
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when when parsing CD31 files. A remote unauthenticated attacker can trick the user to open a specially crafted file, trigger buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCrimson: 3.0.207 - 3111.000
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-19-248-01
http://www.zerodayinitiative.com/advisories/ZDI-19-793/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU20921
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when when parsing CD3 files. A remote unauthenticated attacker can trick the user to open a specially crafted file, trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCrimson: 3.0.207 - 3111.000
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-19-248-01
http://www.zerodayinitiative.com/advisories/ZDI-19-784/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.