CVE-2018-19023 - OpenCVE

Hetronic Nova-M prior to verson r161 uses fixed codes that are reproducible by sniffing and re-transmission. This can lead to unauthorized replay of a command, spoofing of an arbitrary message, or keeping the controlled load in a permanent "stop" state.

No CVSS v4.0

No CVSS v3.1

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:A/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Hetronic	Bms-hl Bms-hl Firmware Dc Mobile Dc Mobile Firmware Es-can-hl Es-can-hl Firmware Mlc Mlc Firmware Nova-m Nova-m Firmware

Configuration 1 [-]

AND

cpe:2.3:o:hetronic:nova-m_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hetronic:nova-m:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:hetronic:es-can-hl_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hetronic:es-can-hl:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:hetronic:bms-hl_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hetronic:bms-hl:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:hetronic:mlc_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hetronic:mlc:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:hetronic:dc_mobile_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hetronic:dc_mobile:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.securityfocus.com/bid/106448
https://ics-cert.us-cert.gov/advisories/ICSA-19-003-03

History

No history.

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2019-01-25T20:00:00Z

Updated: 2024-09-16T22:14:20.920Z

Reserved: 2018-11-06T00:00:00

Link: CVE-2018-19023

Vulnrichment

No data.

NVD

Status : Modified

Published: 2019-01-25T20:29:00.330

Modified: 2019-10-09T23:37:37.647

Link: CVE-2018-19023

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Hetronic Nova-M", "vendor": "Hetronic", "versions": [{"status": "affected", "version": "All versions prior to version r161"}]}], "datePublic": "2019-01-03T00:00:00", "descriptions": [{"lang": "en", "value": "Hetronic Nova-M prior to verson r161 uses fixed codes that are reproducible by sniffing and re-transmission. This can lead to unauthorized replay of a command, spoofing of an arbitrary message, or keeping the controlled load in a permanent \"stop\" state."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-294", "description": "AUTHENTICATION BYPASS BY CAPTURE-REPLAY CWE-294", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2019-02-01T00:57:01", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-003-03"}, {"name": "106448", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/106448"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "DATE_PUBLIC": "2019-01-03T00:00:00", "ID": "CVE-2018-19023", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Hetronic Nova-M", "version": {"version_data": [{"version_value": "All versions prior to version r161"}]}}]}, "vendor_name": "Hetronic"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Hetronic Nova-M prior to verson r161 uses fixed codes that are reproducible by sniffing and re-transmission. This can lead to unauthorized replay of a command, spoofing of an arbitrary message, or keeping the controlled load in a permanent \"stop\" state."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "AUTHENTICATION BYPASS BY CAPTURE-REPLAY CWE-294"}]}]}, "references": {"reference_data": [{"name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-003-03", "refsource": "MISC", "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-003-03"}, {"name": "106448", "refsource": "BID", "url": "http://www.securityfocus.com/bid/106448"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T11:23:08.922Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-003-03"}, {"name": "106448", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/106448"}]}]}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2018-19023", "datePublished": "2019-01-25T20:00:00Z", "dateReserved": "2018-11-06T00:00:00", "dateUpdated": "2024-09-16T22:14:20.920Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hetronic:nova-m_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1A445383-F447-497B-8AC6-60B795F19686", "versionEndExcluding": "r161", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hetronic:nova-m:-:*:*:*:*:*:*:*", "matchCriteriaId": "6EF7F3AA-0E94-4E0C-9640-3DB565A334C5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hetronic:es-can-hl_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8175E41A-4B7C-43B5-A47D-EF0C1DD9E795", "versionEndExcluding": "main_r1864", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hetronic:es-can-hl:-:*:*:*:*:*:*:*", "matchCriteriaId": "7720655C-8D6B-4844-A882-FB9700BBC376", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hetronic:bms-hl_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "315F1990-69CF-4BA5-8B6A-C4DF6BE0E5E7", "versionEndExcluding": "main_r1175", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hetronic:bms-hl:-:*:*:*:*:*:*:*", "matchCriteriaId": "8588B38E-25D9-4C28-B99F-CA0A1C4A7E70", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hetronic:mlc_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "97F85EC8-E927-4D41-92F7-51DC3C8FF72F", "versionEndExcluding": "main_r1600", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hetronic:mlc:-:*:*:*:*:*:*:*", "matchCriteriaId": "96D1E7A8-31C7-40CE-B114-E1336EFFA27C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hetronic:dc_mobile_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "12945B5F-FF44-4B42-9FDE-98034B9342F1", "versionEndExcluding": "main_r515", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hetronic:dc_mobile:-:*:*:*:*:*:*:*", "matchCriteriaId": "7D52574C-9899-4395-BDAC-DB3819067719", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Hetronic Nova-M prior to verson r161 uses fixed codes that are reproducible by sniffing and re-transmission. This can lead to unauthorized replay of a command, spoofing of an arbitrary message, or keeping the controlled load in a permanent \"stop\" state."}, {"lang": "es", "value": "Hetronic Nova-M, en versiones anteriores a la r161, emplea c\u00f3digos fijos que pueden reproducirse mediante el rastreo y la retransmisi\u00f3n. Esto puede conducir a la reproducci\u00f3n no autorizada de un comando, la suplantaci\u00f3n de un mensaje arbitrario o al mantenimiento de la carga controlada en un estado de parada permanente."}], "id": "CVE-2018-19023", "lastModified": "2019-10-09T23:37:37.647", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-01-25T20:29:00.330", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/106448"}, {"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-003-03"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-294"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}