cbcvebase.
CVE-2018-5473
published 2018-02-19

CVE-2018-5473: An Improper Restriction of Operations within the Bounds of a Memory Buffer issue was discovered in GE D60 Line Distance Relay devices running firmware Version…

PriorityP261critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
5.93%
92.3th percentile
An Improper Restriction of Operations within the Bounds of a Memory Buffer issue was discovered in GE D60 Line Distance Relay devices running firmware Version 7.11 and prior. The SSH functions of the device are vulnerable to buffer overflow conditions that may allow a remote attacker to execute arbitrary code on the device.

Affected

1 ranges
VendorProductVersion rangeFixed in
ged60_line_distance_relay_firmware<= 7.11

Detection & IOCsextracted from sources · hover to see the quote

  • The vulnerability is specifically in the SSH functions of the GE D60 Line Distance Relay; monitor for anomalous or malformed SSH traffic targeting these devices
  • Target devices are GE D60 Line Distance Relay running firmware Version 7.11 and prior; inventory and flag any such devices exposed to network access
  • No known public exploits exist for this vulnerability as of the advisory date; treat any exploitation attempts as highly targeted/novel
  • The attack vector is network-based, requires no authentication and no user interaction (CVSS AV:N/AC:L/PR:N/UI:N); block or restrict SSH access to D60 devices at the network perimeter
  • ·Affected scope is limited to GE D60 Line Distance Relay devices in the Energy critical infrastructure sector deployed worldwide; detections should be scoped accordingly

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.