CVE-2018-5400
published 2018-10-08CVE-2018-5400: The Auto-Maskin products utilize an undocumented custom protocol to set up Modbus communications with other devices without validating those devices. The…
PriorityP358critical9.1CVSS 3.0
AVNACLPRNUINSUCHIHAN
EPSS
0.74%
50.0th percentile
The Auto-Maskin products utilize an undocumented custom protocol to set up Modbus communications with other devices without validating those devices. The originating device sends a message in plaintext, 48:65:6c:6c:6f:20:57:6f:72:6c:64, "Hello World" over UDP ports 44444-44446 to the broadcast address for the LAN. Without verification devices respond to any of these broadcast messages on the LAN with a plaintext reply over UDP containing the device model and firmware version. Following this exchange the devices allow Modbus transmissions between the two devices on the standard Modbus port 502 TCP. Impact: An attacker can exploit this vulnerability to send arbitrary messages to any DCU or RP device through spoofing or replay attacks as long as they have access to the network. Affected releases are Auto-Maskin DCU-210E RP-210E: Versions prior to 3.7 on ARMv7.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| auto-maskin | dcu-210e | >= 3.7 < 3.7 | 3.7 |
| auto-maskin | rp-210e | >= 3.7 < 3.7 | 3.7 |
CVSS provenance
nvdv3.09.1CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
nvdv2.06.4MEDIUMAV:N/AC:L/Au:N/C:P/I:P/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Auto-Maskin RP210E, DCU210E, and Marine Observer Pro (Android App)
cisa_ics·2020-02-20·CVSS 9.1
[CRITICAL] Auto-Maskin RP210E, DCU210E, and Marine Observer Pro (Android App)
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Auto-Maskin RP210E, DCU210E, and Marine Observer Pro (Android App)
Last RevisedFebruary 20, 2020
Alert CodeICSA-20-051-04
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low skill level to exploit
- Vendor: Auto-Maskin
- Equipment: RP 210E Remote Panels, DCU 210E Control Units, and Marine Observer Pro (Android App)
- Vulnerabilities: Cleartext Transmission of Sensitive Information, Origin Validation Error, Use of Hard-coded Credentials, Weak Password Recovery Mechanism for Forgotten Password, Weak Password Requirements
## 2. RISK EVALUATION
Successf
GHSA
GHSA-hmx9-h7xx-529h: The Auto-Maskin products utilize an undocumented custom protocol to set up Modbus communications with other devices without validating those devices
ghsa_unreviewed·2022-05-13
CVE-2018-5400 [CRITICAL] CWE-346 GHSA-hmx9-h7xx-529h: The Auto-Maskin products utilize an undocumented custom protocol to set up Modbus communications with other devices without validating those devices
The Auto-Maskin products utilize an undocumented custom protocol to set up Modbus communications with other devices without validating those devices. The originating device sends a message in plaintext, 48:65:6c:6c:6f:20:57:6f:72:6c:64, "Hello World" over UDP ports 44444-44446 to the broadcast address for the LAN. Without verification devices respond to any of these broadcast messages on the LAN with a plaintext reply over UDP containing the device model and firmware version. Following this exchange the devices allow Modbus transmissions between the two devices on the standard Modbus port 502 TCP. Impact: An attacker can exploit this vulnerability to send arbitrary messages to any DCU or RP device through spoofing or replay attacks as long as they have access to the network. Affected relea
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2018-10-08
Published