Lucene search

[email protected]NVD:CVE-2018-19012

HistoryJan 28, 2019 - 9:29 p.m.

CVE-2018-19012

2019-01-2821:29:00

CWE-269

[email protected]

web.nvd.nist.gov

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

10.4%

JSON

Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity Explorer C700, all versions. Via a specific dialog it is possible to break out of the kiosk mode and reach the underlying operating system. By breaking out of the kiosk mode, an attacker is able to take control of the operating system.

Affected configurations

NVD

Node

draegerkappa_firmware

AND

draegerkappaMatch-

Node

draegerinfinity_explorer_c700_firmware

AND

draegerinfinity_explorer_c700Match-

Node

draegerdelta_xl_firmware

AND

draegerdelta_xlMatch-

Node

draegerinfinity_delta_firmware

AND

draegerinfinity_deltaMatch-

References

www.securityfocus.com/bid/106683

ics-cert.us-cert.gov/advisories/ICSMA-19-022-01

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

10.4%

JSON

Related for NVD:CVE-2018-19012

cve1 prion1 cvelist1 ics1