CVE-2018-5473
published 2018-02-19CVE-2018-5473: An Improper Restriction of Operations within the Bounds of a Memory Buffer issue was discovered in GE D60 Line Distance Relay devices running firmware Version…
PriorityP261critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
5.93%
92.3th percentile
An Improper Restriction of Operations within the Bounds of a Memory Buffer issue was discovered in GE D60 Line Distance Relay devices running firmware Version 7.11 and prior. The SSH functions of the device are vulnerable to buffer overflow conditions that may allow a remote attacker to execute arbitrary code on the device.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ge | d60_line_distance_relay_firmware | <= 7.11 | — |
Detection & IOCsextracted from sources · hover to see the quote
- →The vulnerability is specifically in the SSH functions of the GE D60 Line Distance Relay; monitor for anomalous or malformed SSH traffic targeting these devices ↗
- →Target devices are GE D60 Line Distance Relay running firmware Version 7.11 and prior; inventory and flag any such devices exposed to network access ↗
- →No known public exploits exist for this vulnerability as of the advisory date; treat any exploitation attempts as highly targeted/novel ↗
- →The attack vector is network-based, requires no authentication and no user interaction (CVSS AV:N/AC:L/PR:N/UI:N); block or restrict SSH access to D60 devices at the network perimeter ↗
- ·Affected scope is limited to GE D60 Line Distance Relay devices in the Energy critical infrastructure sector deployed worldwide; detections should be scoped accordingly ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-fmjh-pgv9-5x96: An Improper Restriction of Operations within the Bounds of a Memory Buffer issue was discovered in GE D60 Line Distance Relay devices running firmware
ghsa_unreviewed·2022-05-13
CVE-2018-5473 [CRITICAL] CWE-119 GHSA-fmjh-pgv9-5x96: An Improper Restriction of Operations within the Bounds of a Memory Buffer issue was discovered in GE D60 Line Distance Relay devices running firmware
An Improper Restriction of Operations within the Bounds of a Memory Buffer issue was discovered in GE D60 Line Distance Relay devices running firmware Version 7.11 and prior. The SSH functions of the device are vulnerable to buffer overflow conditions that may allow a remote attacker to execute arbitrary code on the device.
CISA ICS
GE D60 Line Distance Relay
cisa_ics·2018-02-15
GE D60 Line Distance Relay
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
GE D60 Line Distance Relay
Last RevisedFebruary 15, 2018
Alert CodeICSA-18-046-02
## CVSS v3 9.8
ATTENTION: Remotely exploitable/low skill level to exploit.
Vendor: GE
Equipment: D60 Line Distance Relay
Vulnerabilities: Stack-based Buffer Overflow, Improper Restriction of Operations within the Bounds of a Memory Buffer
## AFFECTED PRODUCTS
The following versions of the D60 Line Distance Relay are affected:
- D60 devices running firmware Version 7.11 and prior.
## IMPACT
Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary co
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2018-02-19
Published