CVE-2018-10630
published 2018-08-10


Priority: P260 | critical | 9.8 (CVSS 3.0)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 10.91% (95.3th percentile)

For Crestron TSW-X60 version prior to 2.001.0037.001 and MC3 version prior to 1.502.0047.001, the devices are shipped with authentication disabled, and there is no indication to users that they need to take steps to enable it. When compromised, the access to the CTP console is left open.

Affected

3 ranges

Vendor   | Product | Version range | Fixed in
crestron | mc3_firmware | < 1.502.0047.001 | 1.502.0047.001
crestron | tsw-x60_firmware | < 2.001.0037.001 | 2.001.0037.001
ics-cert | crestron_tsw-x60_version_prior_to_2.001.0037.001_and_mc3_version_prior_to_1.502 | |

Detection & IOCs (extracted from sources)

  • Crestron TSW-X60 and MC3 devices ship with authentication disabled on the CTP (Crestron Toolbox Protocol) console — detect unauthenticated access to the CTP service as a sign of exploitation or misconfiguration
  • Monitor for unauthenticated remote code execution attempts via the Bash shell service exposed through Crestron Toolbox Protocol (CTP) on TSW-X60 devices (related CVE-2018-11228)
  • Monitor for unauthenticated remote code execution via command injection through Crestron Toolbox Protocol (CTP) on TSW-X60 devices (related CVE-2018-11229)
  • Alert on attempts to calculate or brute-force sudo account passwords on Crestron devices using information accessible to regular user privileges, which may indicate privilege escalation attempts to escape the CTP console sandbox (related CVE-2018-13341)
  • No known public exploits specifically targeting these vulnerabilities were identified at time of advisory publication

CVSS provenance

Source | Version | Score | Severity | Vector
nvd | v3.0 | 9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd | v2.0 | 10.0 | CRITICAL | AV:N/AC:L/Au:N/C:C/I:C/A:C