CVE-2018-8867
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-8867
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
In GE PACSystems RX3i CPE305/310 version 9.20 and prior, RX3i CPE330 version 9.21 and prior, RX3i CPE 400 version 9.30 and prior, PACSystems RSTi-EP CPE 100 all versions, and PACSystems CPU320/CRU320 RXi all versions, the device does not properly validate input, which could allow a remote attacker to send specially crafted packets causing the device to become unavailable.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
输入验证不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款GE产品安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
GE PACSystems RX3i CPE305等都是美国通用电气(GE)公司的可编程自动化控制器产品。 多款GE产品中存在安全漏洞,该漏洞源于程序没有正确的验证输入。远程攻击者可通过发送特制的数据包利用该漏洞造成设备无法使用。以下产品和版本受到影响:GE PACSystems RX3i CPE305/310 9.20及之前版本;RX3i CPE330 9.21及之前版本;RX3i CPE 400 9.30及之前版本;PACSystems RSTi-EP CPE 100;PACSystems CPU32
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| ICS-CERT | GE PACSystems RX3i CPE305/310 version 9.20 and prior RX3i CPE330 version 9.21 and prior RX3i CPE 400 version 9.30 and prior PACSystems RSTi-EP CPE 100 all versionsPACSystems CPU320/CRU320 RXi all versions | GE PACSystems RX3i CPE305/310 version 9.20 and prior RX3i CPE330 version 9.21 and prior RX3i CPE 400 version 9.30 and prior PACSystems RSTi-EP CPE 100 all versionsPACSystems CPU320/CRU320 RXi all versions | - |
II. Public POCs for CVE-2018-8867
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-8867
请登录查看更多情报信息。
- https://ics-cert.us-cert.gov/advisories/ICSA-18-137-01x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2018-8867
IV. Related Vulnerabilities
Same weakness: CWE-20
V. Comments for CVE-2018-8867
No comments yet