Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2018-17933 | First vendor Publication | 2018-10-30 |
Vendor | Cve | Last vendor Modification | 2019-10-09 |
Security-Database Scoring CVSS v3
Cvss vector : CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | |||
---|---|---|---|
Overall CVSS Score | 8.8 | ||
Base Score | 8.8 | Environmental Score | 8.8 |
impact SubScore | 5.9 | Temporal Score | 8.8 |
Exploitabality Sub Score | 2.8 | ||
Attack Vector | Network | Attack Complexity | Low |
Privileges Required | Low | User Interaction | None |
Scope | Unchanged | Confidentiality Impact | High |
Integrity Impact | High | Availability Impact | High |
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:S/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 8 | Authentication | Requires single instance |
Calculate full CVSS 2.0 Vectors scores |
Detail
VGo Robot (Versions 3.0.3.52164 and 3.0.3.53662. Prior versions may also be affected) connected to the VGo XAMPP. User accounts may be able to execute commands that are outside the scope of their privileges and within the scope of an admin account. If an attacker has access to VGo XAMPP Client credentials, they may be able to execute admin commands on the connected robot. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17933 |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 2 |
Sources (Detail)
Source | Url |
---|---|
MISC | https://ics-cert.us-cert.gov/advisories/ICSA-18-114-01 |
Alert History
Date | Informations |
---|---|
2020-05-23 01:10:37 |
|
2019-10-10 05:20:33 |
|
2019-10-03 09:21:00 |
|
2018-12-10 17:19:03 |
|
2018-10-31 00:21:20 |
|