Lucene search

[email protected]CVE-2017-9634

HistoryApr 17, 2018 - 2:29 p.m.

CVE-2017-9634

2018-04-1714:29:00

CWE-787

[email protected]

web.nvd.nist.gov

mitsubishi

e-designer

version 7.52 build 344

cve-2017-9634

memory overwrite

code execution

data integrity

denial of service

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.006 Low

EPSS

Percentile

78.3%

JSON

Mitsubishi E-Designer, Version 7.52 Build 344 contains two code sections which may be exploited to allow an attacker to overwrite arbitrary memory locations. This can result in arbitrary code execution, compromised data integrity, denial of service, and system crash.

CPENameOperatorVersion
mitsubishielectric:e-designermitsubishielectric e-designereq7.52

CPE	Name	Operator	Version
mitsubishielectric:e-designer	mitsubishielectric e-designer	eq	7.52

References

www.securityfocus.com/bid/100097

ics-cert.us-cert.gov/advisories/ICSA-17-213-01

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.006 Low

EPSS

Percentile

78.3%

JSON

Related for CVE-2017-9634

prion1 nessus1 zdi2 cvelist1 ics1