CVE-2018-14824

Опубликовано: 27 сент. 2018

Источник: nvd

CVSS3: 6.5

CVSS2: 4.3

EPSS Низкий

Описание

Delta Electronics Delta Industrial Automation PMSoft v2.11 or prior has an out-of-bounds read vulnerability that can be executed when processing project files, which may allow an attacker to read confidential information.

Ссылки

http://www.deltaww.com/services/DownloadCenter2.aspx?secID=8&pid=2&tid=0&CID=06&itemID=060301&typeID=1&downloadID=%2C&title=--%20Select%20Product%20Series%20--&dataType=8%3B&check=1&hl=en-US
http://www.securityfocus.com/bid/105409
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-18-270-04
Mitigation
Third Party Advisory
US Government Resource
http://www.deltaww.com/services/DownloadCenter2.aspx?secID=8&pid=2&tid=0&CID=06&itemID=060301&typeID=1&downloadID=%2C&title=--%20Select%20Product%20Series%20--&dataType=8%3B&check=1&hl=en-US
http://www.securityfocus.com/bid/105409
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-18-270-04
Mitigation
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:deltaww:delta_industrial_automation_pmsoft:*:*:*:*:*:*:*:*

Версия до 2.11 (включая)

EPSS

Процентиль: 68%

0.00577

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

GHSA-x5wj-5p39-rp5w