Denial of service in Emerson ControlWave Micro
| Risk | Low |
| Patch available | NO |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2018-5452 |
| CWE-ID | CWE-121 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
ControlWave Micro Client/Desktop applications / Other client software |
| Vendor | Emerson |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Stack-based buffer overflow
EUVDB-ID: #VU10786
Risk: Low
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-5452
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to stack-based buffer overflow. A remote attacker can send specially crafted packets on Port 20547 and force the PLC to change its state into halt mode.
Emerson offers the following mitigation advice:
- Assess which ControlWave products in your organization have Ethernet connectivity.
- Upgrade the affected devices to firmware version 05.79.00 to correct this possible action. System firmware upgrade instructions are available in product documentation (ControlWave Micro Process Automation Controller Instruction Manual, part D301392X012).
- The resolution described is available only to the user when appropriately incorporated into the application running in ControlWave Micro firmware.
- Prior to upgrading the system firmware, always perform a full alarm and historical collection (archive files as well as audit logs).
ControlWave Micro: All versions
CPE2.3 External linkshttps://ics-cert.us-cert.gov/advisories/ICSA-18-058-03
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
