CVE-2014-8385 - OpenCVE

Buffer overflow on Advantech EKI-1200 gateways with firmware before 1.63 allows remote attackers to execute arbitrary code via unspecified vectors.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Advantech	Eki-1200 Gateway Series Firmware Eki-1221 Eki-1221d Eki-1222 Eki-1222d Eki-1224

Configuration 1 [-]

AND

cpe:2.3:o:advantech:eki-1200_gateway_series_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:advantech:eki-1221::::::::
	cpe:2.3:h:advantech:eki-1221d::::::::
	cpe:2.3:h:advantech:eki-1222::::::::
	cpe:2.3:h:advantech:eki-1222d::::::::
	cpe:2.3:h:advantech:eki-1224::::::::

No data.

References

Link	Providers
https://ics-cert.us-cert.gov/advisories/ICSA-15-041-01

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2015-02-13T02:00:00

Updated: 2024-08-06T13:18:47.915Z

Reserved: 2014-10-22T00:00:00

Link: CVE-2014-8385

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2015-02-13T02:59:07.127

Modified: 2015-02-13T23:20:16.770

Link: CVE-2014-8385

Redhat

No data.

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:advantech:eki-1200_gateway_series_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "55E38F73-2921-4B22-BC75-B3E39EEE900D", "versionEndIncluding": "1.62", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:advantech:eki-1221:*:*:*:*:*:*:*:*", "matchCriteriaId": "8EF68C24-50F1-4787-BE9C-239D3EECDC58", "vulnerable": false}, {"criteria": "cpe:2.3:h:advantech:eki-1221d:*:*:*:*:*:*:*:*", "matchCriteriaId": "02F1327A-B789-4228-9C4B-BA268E51B2A7", "vulnerable": false}, {"criteria": "cpe:2.3:h:advantech:eki-1222:*:*:*:*:*:*:*:*", "matchCriteriaId": "2552D510-CF16-4D89-905B-CBDFCA823EF6", "vulnerable": false}, {"criteria": "cpe:2.3:h:advantech:eki-1222d:*:*:*:*:*:*:*:*", "matchCriteriaId": "E9C45EFA-F054-4195-AA46-1F367A46FC15", "vulnerable": false}, {"criteria": "cpe:2.3:h:advantech:eki-1224:*:*:*:*:*:*:*:*", "matchCriteriaId": "4F0257A7-0B2C-4006-B923-B5AD667B2883", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Buffer overflow on Advantech EKI-1200 gateways with firmware before 1.63 allows remote attackers to execute arbitrary code via unspecified vectors."}, {"lang": "es", "value": "Desbordamiento de buffer en las pasarelas Advantech EKI-1200 con firmware anterior a 1.63 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados."}], "id": "CVE-2014-8385", "lastModified": "2015-02-13T23:20:16.770", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-02-13T02:59:07.127", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-041-01"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}