3.1

CVE-2018-8862

EPSS 0.2%
Veröffentlicht 25.05.2018 16:29:00
Zuletzt bearbeitet 21.11.2024 04:14:28
Quelle ics-cert@hq.dhs.gov
CVE-Watchlists
Login
Unerledigt
Login

In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, MHPSS, and ALERT4000) devices, an improper authentication vulnerability caused by specially crafted malicious radio transmissions may allow an attacker to remotely trigger false alarms.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Atisystem ≫ Hpss16 Firmware Version-

Atisystem ≫ Hpss16 Version-

Atisystem ≫ Hpss32 Firmware Version-

Atisystem ≫ Hpss32 Version-

Atisystem ≫ Mhpss Firmware Version-

Atisystem ≫ Mhpss Version-

Atisystem ≫ Alert4000 Firmware Version-

Atisystem ≫ Alert4000 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.2%	0.388

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	3.1	1.6	1.4	CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
nvd@nist.gov	2.9	5.5	2.9	AV:A/AC:M/Au:N/C:N/I:P/A:N

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://www.securityfocus.com/bid/103721

Third Party Advisory

VDB Entry

https://ics-cert.us-cert.gov/advisories/ICSA-18-100-01

Third Party Advisory

US Government Resource

Mitigation

https://nvd.nist.gov/vuln/detail/CVE-2018-8862

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-8862

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-8862

EUVD