CVE-2018-10601

Beschreibung:
IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 with software Revisions F.0, G.0 and J.3 have a vulnerability that exposes an „echo“ service, in which an attacker-sent buffer to an attacker-chosen device address within the same subnet is copied to the stack with no boundary checks, hence resulting in stack overflow.

CWE: CWE-787

CVSS-Bewertung
CVSS 2: MEDIUM – 5.4 (Version: 2.0)
CVSS 3: HIGH – 8.2 (Version: 3.1)

Links:

NVD – CVE-2018-10601
CVE – CVE-2018-10601

Link (max. 20) Quelle Tags
https://ics-cert.us-cert.gov/advisories/ICSMA-18-156-01 MISC Third Party Advisory US Government Resource Third Party Advisory
https://security.netapp.com/advisory/ntap-20190327-0006/ CONFIRM Third Party Advisory Third Party Advisory
https://community.st.com/s/question/0D50X00009Xke7aSAB/readout-protection-cracked-on-stm32 MISC Vendor Advisory Third Party Advisory
[pulsar-commits] 20201215 [GitHub] [pulsar] yanshuchong opened a new issue #8967: CVSS issue list MLIST Mailing List Third Party Advisory
[pulsar-commits] 20210419 [GitHub] [pulsar] lhotari opened a new pull request #10261: [Security] Upgrade vertx to 3.9.7, addresses CVE-2018-12541 MLIST Mailing List Third Party Advisory
[pulsar-commits] 20210419 [GitHub] [pulsar] lhotari commented on pull request #10261: [Security] Upgrade vertx to 3.9.7, addresses CVE-2018-12541 MLIST Mailing List Third Party Advisory
[bookkeeper-issues] 20210419 [GitHub] [bookkeeper] lhotari opened a new pull request #2693: [Security] Upgrade vertx to 3.9.7, addresses CVE-2018-12541 MLIST Mailing List Third Party Advisory
[pulsar-commits] 20210419 [GitHub] [pulsar] eolivelli merged pull request #10261: [Security] Upgrade vertx to 3.9.7, addresses CVE-2018-12541 MLIST Mailing List Third Party Advisory
[pulsar-commits] 20210419 [GitHub] [pulsar] lhotari edited a comment on pull request #10261: [Security] Upgrade vertx to 3.9.7, addresses CVE-2018-12541 MLIST Mailing List Patch Third Party Advisory
[pulsar-commits] 20210419 [pulsar] branch master updated: [Security] Upgrade vertx to 3.9.7, addresses CVE-2018-12541 (#10261) MLIST Mailing List Patch Third Party Advisory
[bookkeeper-issues] 20210421 [GitHub] [bookkeeper] lhotari commented on pull request #2693: [Security] Upgrade vertx to 3.9.7, addresses CVE-2018-12541 MLIST Mailing List Third Party Advisory
[bookkeeper-issues] 20210507 [GitHub] [bookkeeper] dlg99 commented on pull request #2693: [Security] Upgrade vertx to 3.9.7, addresses CVE-2018-12541 MLIST

Quelle: NVD – CVE-2018-10601
Datum Veröffentlichung: 2018-06-05T20:29Z, Datum letzte Änderung: 2020-09-04T15:52Z