Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-2852 (GCVE-0-2017-2852)
Vulnerability from cvelistv5 – Published: 2018-06-01 15:00 – Updated: 2024-09-17 02:31- denial of service
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/104490 | vdb-entryx_refsource_BID |
| https://www.talosintelligence.com/vulnerability_r… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:16.752Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104490",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104490"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0354"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Natus",
"vendor": "Talos",
"versions": [
{
"status": "affected",
"version": "Natus Xltek NeuroWorks 8"
}
]
}
],
"datePublic": "2018-05-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An exploitable denial-of-service vulnerability exists in the unserialization of lists functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause an out-of-bounds read, resulting in a denial of service. An attacker can send a malicious packet to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-19T18:23:29.000Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "104490",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104490"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0354"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"DATE_PUBLIC": "2018-05-31T00:00:00",
"ID": "CVE-2017-2852",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Natus",
"version": {
"version_data": [
{
"version_value": "Natus Xltek NeuroWorks 8"
}
]
}
}
]
},
"vendor_name": "Talos"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An exploitable denial-of-service vulnerability exists in the unserialization of lists functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause an out-of-bounds read, resulting in a denial of service. An attacker can send a malicious packet to trigger this vulnerability."
}
]
},
"impact": {
"cvss": {
"baseScore": 7.5,
"baseSeverity": "High",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104490",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104490"
},
{
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0354",
"refsource": "MISC",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0354"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2017-2852",
"datePublished": "2018-06-01T15:00:00.000Z",
"dateReserved": "2016-12-01T00:00:00.000Z",
"dateUpdated": "2024-09-17T02:31:31.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2017-2852",
"date": "2026-07-18",
"epss": "0.01388",
"percentile": "0.69211"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2017-2852\",\"sourceIdentifier\":\"talos-cna@cisco.com\",\"published\":\"2018-06-01T15:29:00.233\",\"lastModified\":\"2024-11-21T03:24:19.737\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An exploitable denial-of-service vulnerability exists in the unserialization of lists functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause an out-of-bounds read, resulting in a denial of service. An attacker can send a malicious packet to trigger this vulnerability.\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad explotable de denegaci\u00f3n de servicio (DoS) en la funcionalidad de deserializaci\u00f3n de listas de Natus Xltek NeuroWorks 8. Un paquete de red especialmente manipulado puede provocar una lectura fuera de l\u00edmites, lo que resulta en una denegaci\u00f3n de servicio (DoS). Un atacante puede enviar un paquete malicioso para provocar esta vulnerabilidad.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV30\":[{\"source\":\"talos-cna@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:natus:xltek_neuroworks:8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"093E6A8F-F409-4E7B-B521-342858DFBD65\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/104490\",\"source\":\"talos-cna@cisco.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0354\",\"source\":\"talos-cna@cisco.com\",\"tags\":[\"Technical Description\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/104490\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0354\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Technical Description\",\"Third Party Advisory\"]}]}}"
}
}
目前厂商暂未发布修复措施解决此安全问题,建议使用此软件的用户随时关注厂商主页或参考网址以获取解决办法: http://www.natus.com/
| Name | Natus Medical Natus Xltek NeuroWorks 8 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2017-2852"
}
},
"description": "Natus Xltek NeuroWorks\u662f\u7f8e\u56fdNatus Medical\u516c\u53f8\u7684\u4e00\u5957\u7528\u4e8eEEG\u6d4b\u8bd5\u3001\u957f\u671f\u76d1\u6d4b\u3001ICU\u76d1\u6d4b\u548c\u7761\u7720\u7814\u7a76\u7684\u901a\u7528\u8f6f\u4ef6\u5e73\u53f0\u3002\r\n\r\nNatus Xltek NeuroWorks 8\u4e2d\u7684\u5217\u8868\u529f\u80fd\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684\u7f51\u7edc\u6570\u636e\u5305\u5229\u7528\u8be5\u6f0f\u6d1e\u8be5\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
"discovererName": "Cory Duplantis of Cisco Talos",
"formalWay": "\u76ee\u524d\u5382\u5546\u6682\u672a\u53d1\u5e03\u4fee\u590d\u63aa\u65bd\u89e3\u51b3\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u5efa\u8bae\u4f7f\u7528\u6b64\u8f6f\u4ef6\u7684\u7528\u6237\u968f\u65f6\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u6216\u53c2\u8003\u7f51\u5740\u4ee5\u83b7\u53d6\u89e3\u51b3\u529e\u6cd5\uff1a\r\nhttp://www.natus.com/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2018-11030",
"openTime": "2018-06-06",
"products": {
"product": "Natus Medical Natus Xltek NeuroWorks 8"
},
"referenceLink": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0354",
"serverity": "\u4e2d",
"submitTime": "2018-06-05",
"title": "Natus Xltek NeuroWorks\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}
FKIE_CVE-2017-2852
Vulnerability from fkie_nvd - Published: 2018-06-01 15:29 - Updated: 2026-06-17 01:16| URL | Tags | ||
|---|---|---|---|
| talos-cna@cisco.com | http://www.securityfocus.com/bid/104490 | Broken Link | |
| talos-cna@cisco.com | https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0354 | Technical Description, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104490 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0354 | Technical Description, Third Party Advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| natus | xltek_neuroworks | 8 |
{
"affected": [
{
"affectedData": [
{
"product": "Natus",
"vendor": "Talos",
"versions": [
{
"status": "affected",
"version": "Natus Xltek NeuroWorks 8"
}
]
}
],
"source": "talos-cna@cisco.com"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:natus:xltek_neuroworks:8:*:*:*:*:*:*:*",
"matchCriteriaId": "093E6A8F-F409-4E7B-B521-342858DFBD65",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An exploitable denial-of-service vulnerability exists in the unserialization of lists functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause an out-of-bounds read, resulting in a denial of service. An attacker can send a malicious packet to trigger this vulnerability."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad explotable de denegaci\u00f3n de servicio (DoS) en la funcionalidad de deserializaci\u00f3n de listas de Natus Xltek NeuroWorks 8. Un paquete de red especialmente manipulado puede provocar una lectura fuera de l\u00edmites, lo que resulta en una denegaci\u00f3n de servicio (DoS). Un atacante puede enviar un paquete malicioso para provocar esta vulnerabilidad."
}
],
"id": "CVE-2017-2852",
"lastModified": "2026-06-17T01:16:59.827",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "talos-cna@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-01T15:29:00.233",
"references": [
{
"source": "talos-cna@cisco.com",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/104490"
},
{
"source": "talos-cna@cisco.com",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0354"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/104490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0354"
}
],
"sourceIdentifier": "talos-cna@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-H76F-7P84-2JF9
Vulnerability from github – Published: 2022-05-13 01:01 – Updated: 2022-05-13 01:01An exploitable denial-of-service vulnerability exists in the unserialization of lists functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause an out-of-bounds read, resulting in a denial of service. An attacker can send a malicious packet to trigger this vulnerability.
{
"affected": [],
"aliases": [
"CVE-2017-2852"
],
"database_specific": {
"cwe_ids": [
"CWE-125"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-06-01T15:29:00Z",
"severity": "HIGH"
},
"details": "An exploitable denial-of-service vulnerability exists in the unserialization of lists functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause an out-of-bounds read, resulting in a denial of service. An attacker can send a malicious packet to trigger this vulnerability.",
"id": "GHSA-h76f-7p84-2jf9",
"modified": "2022-05-13T01:01:21Z",
"published": "2022-05-13T01:01:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2852"
},
{
"type": "WEB",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0354"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/104490"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2017-2852
Vulnerability from gsd - Updated: 2023-12-13 01:21{
"GSD": {
"alias": "CVE-2017-2852",
"description": "An exploitable denial-of-service vulnerability exists in the unserialization of lists functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause an out-of-bounds read, resulting in a denial of service. An attacker can send a malicious packet to trigger this vulnerability.",
"id": "GSD-2017-2852"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-2852"
],
"details": "An exploitable denial-of-service vulnerability exists in the unserialization of lists functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause an out-of-bounds read, resulting in a denial of service. An attacker can send a malicious packet to trigger this vulnerability.",
"id": "GSD-2017-2852",
"modified": "2023-12-13T01:21:05.247769Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"DATE_PUBLIC": "2018-05-31T00:00:00",
"ID": "CVE-2017-2852",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Natus",
"version": {
"version_data": [
{
"version_value": "Natus Xltek NeuroWorks 8"
}
]
}
}
]
},
"vendor_name": "Talos"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An exploitable denial-of-service vulnerability exists in the unserialization of lists functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause an out-of-bounds read, resulting in a denial of service. An attacker can send a malicious packet to trigger this vulnerability."
}
]
},
"impact": {
"cvss": {
"baseScore": 7.5,
"baseSeverity": "High",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104490",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104490"
},
{
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0354",
"refsource": "MISC",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0354"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:natus:xltek_neuroworks:8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"ID": "CVE-2017-2852"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "An exploitable denial-of-service vulnerability exists in the unserialization of lists functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause an out-of-bounds read, resulting in a denial of service. An attacker can send a malicious packet to trigger this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0354",
"refsource": "MISC",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0354"
},
{
"name": "104490",
"refsource": "BID",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/104490"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2022-06-07T17:25Z",
"publishedDate": "2018-06-01T15:29Z"
}
}
}
ICSMA-18-165-01
Vulnerability from csaf_cisa - Published: 2018-06-14 00:00 - Updated: 2018-06-14 00:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Natus Xltek NeuroWorks: Version 8
Natus Medical, Inc. (Natus) / Natus Xltek NeuroWorks
|
8 |
Vendor Fix
Vendor Fix
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Natus Xltek NeuroWorks: Version 8
Natus Medical, Inc. (Natus) / Natus Xltek NeuroWorks
|
8 |
Vendor Fix
Vendor Fix
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Natus Xltek NeuroWorks: Version 8
Natus Medical, Inc. (Natus) / Natus Xltek NeuroWorks
|
8 |
Vendor Fix
Vendor Fix
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Natus Xltek NeuroWorks: Version 8
Natus Medical, Inc. (Natus) / Natus Xltek NeuroWorks
|
8 |
Vendor Fix
Vendor Fix
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Natus Xltek NeuroWorks: Version 8
Natus Medical, Inc. (Natus) / Natus Xltek NeuroWorks
|
8 |
Vendor Fix
Vendor Fix
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Natus Xltek NeuroWorks: Version 8
Natus Medical, Inc. (Natus) / Natus Xltek NeuroWorks
|
8 |
Vendor Fix
Vendor Fix
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Natus Xltek NeuroWorks: Version 8
Natus Medical, Inc. (Natus) / Natus Xltek NeuroWorks
|
8 |
Vendor Fix
Vendor Fix
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Natus Xltek NeuroWorks: Version 8
Natus Medical, Inc. (Natus) / Natus Xltek NeuroWorks
|
8 |
Vendor Fix
Vendor Fix
Vendor Fix
|
{
"document": {
"acknowledgments": [
{
"names": [
"Cory Duplantis"
],
"organization": "Cisco Talos",
"summary": "discovering these vulnerabilities and reporting them to Natus"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities require access to the Natus customer network, and could crash the device being accessed; a buffer overflow condition may allow remote code execution.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Healthcare and Public Health",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Pleasanton, California",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSMA-18-165-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2018/icsma-18-165-01.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSMA-18-165-01 Web Version",
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-18-165-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-18-165-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
}
],
"title": "Natus Xltek NeuroWorks",
"tracking": {
"current_release_date": "2018-06-14T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSMA-18-165-01",
"initial_release_date": "2018-06-14T00:00:00.000000Z",
"revision_history": [
{
"date": "2018-06-14T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSMA-18-165-01 Natus Xltek NeuroWorks"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "8",
"product": {
"name": "Natus Xltek NeuroWorks: Version 8",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "Natus Xltek NeuroWorks"
}
],
"category": "vendor",
"name": "Natus Medical, Inc. (Natus)"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-2852",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "A specially-crafted packet may be able to cause an out-of-bounds read, which may result in a denial-of-service condition.CVE-2017-2852 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2852"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Natus has released NeuroWorks/SleepWorks 8.5 GMA 3, a software update with security enhancements to address the vulnerabilities identified in NeuroWorks/SleepWorks 8.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "A free software update to NeuroWorks/SleepWorks 8.5 GMA 3 is available to users using NeuroWorks/SleepWorks Version 8.0, 8.1, 8.4, or 8.5. Contact the Natus Neuro Technical support department at 1-800 387-7516 or email Oakville_Technical_Service@natus.com for more details.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Natus recommends installing this update as quickly as possible on affected systems.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2017-2853",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "An attacker may cause a buffer overflow by sending a specially-crafted packet to the affected product while the product attempts to open a file requested by the client.CVE-2017-2853 has been assigned to this vulnerability. A CVSS v3 base score of 10.0 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2853"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Natus has released NeuroWorks/SleepWorks 8.5 GMA 3, a software update with security enhancements to address the vulnerabilities identified in NeuroWorks/SleepWorks 8.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "A free software update to NeuroWorks/SleepWorks 8.5 GMA 3 is available to users using NeuroWorks/SleepWorks Version 8.0, 8.1, 8.4, or 8.5. Contact the Natus Neuro Technical support department at 1-800 387-7516 or email Oakville_Technical_Service@natus.com for more details.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Natus recommends installing this update as quickly as possible on affected systems.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2017-2858",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "A specially-crafted packet may cause an out-of-bounds read, which may result in a denial-of-service condition.CVE-2017-2858 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2858"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Natus has released NeuroWorks/SleepWorks 8.5 GMA 3, a software update with security enhancements to address the vulnerabilities identified in NeuroWorks/SleepWorks 8.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "A free software update to NeuroWorks/SleepWorks 8.5 GMA 3 is available to users using NeuroWorks/SleepWorks Version 8.0, 8.1, 8.4, or 8.5. Contact the Natus Neuro Technical support department at 1-800 387-7516 or email Oakville_Technical_Service@natus.com for more details.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Natus recommends installing this update as quickly as possible on affected systems.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2017-2860",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "A specially-crafted packet may cause an out-of-bounds read, which may result in a denial-of-service condition.CVE-2017-2860 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2860"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Natus has released NeuroWorks/SleepWorks 8.5 GMA 3, a software update with security enhancements to address the vulnerabilities identified in NeuroWorks/SleepWorks 8.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "A free software update to NeuroWorks/SleepWorks 8.5 GMA 3 is available to users using NeuroWorks/SleepWorks Version 8.0, 8.1, 8.4, or 8.5. Contact the Natus Neuro Technical support department at 1-800 387-7516 or email Oakville_Technical_Service@natus.com for more details.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Natus recommends installing this update as quickly as possible on affected systems.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2017-2861",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "A specially-crafted packet may cause an out-of-bounds read, which may result in a denial-of-service condition.CVE-2017-2861 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2861"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Natus has released NeuroWorks/SleepWorks 8.5 GMA 3, a software update with security enhancements to address the vulnerabilities identified in NeuroWorks/SleepWorks 8.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "A free software update to NeuroWorks/SleepWorks 8.5 GMA 3 is available to users using NeuroWorks/SleepWorks Version 8.0, 8.1, 8.4, or 8.5. Contact the Natus Neuro Technical support department at 1-800 387-7516 or email Oakville_Technical_Service@natus.com for more details.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Natus recommends installing this update as quickly as possible on affected systems.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2017-2867",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "A specially-crafted packet received during the execution of certain commands can cause memory to be overwritten in a way that could allow an attacker to take control of the program.CVE-2017-2867 has been assigned to this vulnerability. A CVSS v3 base score of 9.0 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2867"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Natus has released NeuroWorks/SleepWorks 8.5 GMA 3, a software update with security enhancements to address the vulnerabilities identified in NeuroWorks/SleepWorks 8.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "A free software update to NeuroWorks/SleepWorks 8.5 GMA 3 is available to users using NeuroWorks/SleepWorks Version 8.0, 8.1, 8.4, or 8.5. Contact the Natus Neuro Technical support department at 1-800 387-7516 or email Oakville_Technical_Service@natus.com for more details.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Natus recommends installing this update as quickly as possible on affected systems.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2017-2868",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "An error in the way the program parses data structures may allow an attacker to take control of the system by sending it a specially-crafted packet.CVE-2017-2868 has been assigned to this vulnerability. A CVSS v3 base score of 10.0 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2868"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Natus has released NeuroWorks/SleepWorks 8.5 GMA 3, a software update with security enhancements to address the vulnerabilities identified in NeuroWorks/SleepWorks 8.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "A free software update to NeuroWorks/SleepWorks 8.5 GMA 3 is available to users using NeuroWorks/SleepWorks Version 8.0, 8.1, 8.4, or 8.5. Contact the Natus Neuro Technical support department at 1-800 387-7516 or email Oakville_Technical_Service@natus.com for more details.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Natus recommends installing this update as quickly as possible on affected systems.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2017-2869",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "A specially-crafted packet takes advantage of the way the program parses data structures and may cause a buffer overflow, which may allow remote execution of arbitrary code.CVE-2017-2869 has been assigned to this vulnerability. A CVSS v3 base score of 10.0 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2869"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Natus has released NeuroWorks/SleepWorks 8.5 GMA 3, a software update with security enhancements to address the vulnerabilities identified in NeuroWorks/SleepWorks 8.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "A free software update to NeuroWorks/SleepWorks 8.5 GMA 3 is available to users using NeuroWorks/SleepWorks Version 8.0, 8.1, 8.4, or 8.5. Contact the Natus Neuro Technical support department at 1-800 387-7516 or email Oakville_Technical_Service@natus.com for more details.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Natus recommends installing this update as quickly as possible on affected systems.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
}
]
}
VAR-201806-0543
Vulnerability from variot - Updated: 2024-11-23 21:53An exploitable denial-of-service vulnerability exists in the unserialization of lists functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause an out-of-bounds read, resulting in a denial of service. An attacker can send a malicious packet to trigger this vulnerability. Natus Xltek NeuroWorks Contains an out-of-bounds vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Natus Xltek NeuroWorks is a universal software platform for EEG testing, long-term monitoring, ICU monitoring and sleep research at Natus Medical. Natus Xltek NeuroWorks/SleepWorks are prone to the following security vulnerabilities: 1. Multiple stack-based buffer-overflow vulnerabilities 2. Multiple denial-of-service vulnerabilities An attacker can exploit these issues to execute arbitrary code in the context of the affected application. Xltek NeuroWorks/SleepWorks 8 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201806-0543",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "xltek neuroworks",
"scope": "eq",
"trust": 1.6,
"vendor": "natus",
"version": "8"
},
{
"model": "neuroworks software",
"scope": "eq",
"trust": 0.8,
"vendor": "natus",
"version": "8"
},
{
"model": "medical natus xltek neuroworks",
"scope": "eq",
"trust": 0.6,
"vendor": "natus",
"version": "8"
},
{
"model": "xltek neuroworks/sleepworks",
"scope": "eq",
"trust": 0.3,
"vendor": "natus",
"version": "8.5"
},
{
"model": "xltek neuroworks/sleepworks",
"scope": "eq",
"trust": 0.3,
"vendor": "natus",
"version": "8.4"
},
{
"model": "xltek neuroworks/sleepworks",
"scope": "eq",
"trust": 0.3,
"vendor": "natus",
"version": "8.1"
},
{
"model": "xltek neuroworks/sleepworks",
"scope": "eq",
"trust": 0.3,
"vendor": "natus",
"version": "8.0"
},
{
"model": "xltek neuroworks/sleepworks gma",
"scope": "ne",
"trust": 0.3,
"vendor": "natus",
"version": "8.53"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "xltek neuroworks",
"version": "8"
}
],
"sources": [
{
"db": "IVD",
"id": "e2f1d080-39ab-11e9-94eb-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11030"
},
{
"db": "BID",
"id": "104490"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013516"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-136"
},
{
"db": "NVD",
"id": "CVE-2017-2852"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:natus:xltek_neuroworks",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-013516"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cory Duplantis from Cisco Talos",
"sources": [
{
"db": "BID",
"id": "104490"
}
],
"trust": 0.3
},
"cve": "CVE-2017-2852",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-2852",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-11030",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "e2f1d080-39ab-11e9-94eb-000c29342cb1",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "talos-cna@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2017-2852",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2017-2852",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-2852",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "talos-cna@cisco.com",
"id": "CVE-2017-2852",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-2852",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2018-11030",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201806-136",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "e2f1d080-39ab-11e9-94eb-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2f1d080-39ab-11e9-94eb-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11030"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013516"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-136"
},
{
"db": "NVD",
"id": "CVE-2017-2852"
},
{
"db": "NVD",
"id": "CVE-2017-2852"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable denial-of-service vulnerability exists in the unserialization of lists functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause an out-of-bounds read, resulting in a denial of service. An attacker can send a malicious packet to trigger this vulnerability. Natus Xltek NeuroWorks Contains an out-of-bounds vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Natus Xltek NeuroWorks is a universal software platform for EEG testing, long-term monitoring, ICU monitoring and sleep research at Natus Medical. Natus Xltek NeuroWorks/SleepWorks are prone to the following security vulnerabilities:\n1. Multiple stack-based buffer-overflow vulnerabilities\n2. Multiple denial-of-service vulnerabilities\nAn attacker can exploit these issues to execute arbitrary code in the context of the affected application. \nXltek NeuroWorks/SleepWorks 8 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2852"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013516"
},
{
"db": "CNVD",
"id": "CNVD-2018-11030"
},
{
"db": "BID",
"id": "104490"
},
{
"db": "IVD",
"id": "e2f1d080-39ab-11e9-94eb-000c29342cb1"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-2852",
"trust": 3.5
},
{
"db": "TALOS",
"id": "TALOS-2017-0354",
"trust": 3.0
},
{
"db": "BID",
"id": "104490",
"trust": 1.9
},
{
"db": "ICS CERT",
"id": "ICSMA-18-165-01",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2018-11030",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201806-136",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013516",
"trust": 0.8
},
{
"db": "IVD",
"id": "E2F1D080-39AB-11E9-94EB-000C29342CB1",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e2f1d080-39ab-11e9-94eb-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11030"
},
{
"db": "BID",
"id": "104490"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013516"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-136"
},
{
"db": "NVD",
"id": "CVE-2017-2852"
}
]
},
"id": "VAR-201806-0543",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2f1d080-39ab-11e9-94eb-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11030"
}
],
"trust": 1.8
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2f1d080-39ab-11e9-94eb-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11030"
}
]
},
"last_update_date": "2024-11-23T21:53:16.570000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Natus NeuroWorks Software",
"trust": 0.8,
"url": "http://www.natus.com/index.cfm?page=products_1\u0026crid=1055"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-013516"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-013516"
},
{
"db": "NVD",
"id": "CVE-2017-2852"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2017-0354"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/104490"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-18-165-01"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2852"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2852"
},
{
"trust": 0.6,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2017-0354"
},
{
"trust": 0.3,
"url": "http://www.natus.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11030"
},
{
"db": "BID",
"id": "104490"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013516"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-136"
},
{
"db": "NVD",
"id": "CVE-2017-2852"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2f1d080-39ab-11e9-94eb-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11030"
},
{
"db": "BID",
"id": "104490"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013516"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-136"
},
{
"db": "NVD",
"id": "CVE-2017-2852"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-06T00:00:00",
"db": "IVD",
"id": "e2f1d080-39ab-11e9-94eb-000c29342cb1"
},
{
"date": "2018-06-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11030"
},
{
"date": "2018-06-19T00:00:00",
"db": "BID",
"id": "104490"
},
{
"date": "2018-07-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-013516"
},
{
"date": "2018-06-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-136"
},
{
"date": "2018-06-01T15:29:00.233000",
"db": "NVD",
"id": "CVE-2017-2852"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11030"
},
{
"date": "2018-06-19T00:00:00",
"db": "BID",
"id": "104490"
},
{
"date": "2018-07-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-013516"
},
{
"date": "2022-04-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-136"
},
{
"date": "2024-11-21T03:24:19.737000",
"db": "NVD",
"id": "CVE-2017-2852"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201806-136"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Natus Xltek NeuroWorks Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "e2f1d080-39ab-11e9-94eb-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11030"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "e2f1d080-39ab-11e9-94eb-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-136"
}
],
"trust": 0.8
}
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.