Vulnerabilities > CVE-2018-5452 - Out-of-bounds Write vulnerability in Emerson Controlwave Micro Firmware 05.78.00

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

emerson

CWE-787

NVD

Published: 2018-03-07

Updated: 2020-09-18

Summary

A Stack-based Buffer Overflow issue was discovered in Emerson Process Management ControlWave Micro Process Automation Controller: ControlWave Micro [ProConOS v.4.01.280] firmware: CWM v.05.78.00 and prior. A stack-based buffer overflow vulnerability caused by sending crafted packets on Port 20547 could force the PLC to change its state into halt mode.

Vulnerable Configurations

Part	Description	Count
OS	Emerson Emerson Controlwave Micro Firmware 05.78.00	1
Hardware	Emerson Emerson Controlwave Micro -	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://ics-cert.us-cert.gov/advisories/ICSA-18-058-03
http://www.securityfocus.com/bid/103180