VAR-201804-1684
Vulnerability from variot - Updated: 2022-05-17 01:47MXProgrammer software is a windows desktop software of Weihai Meike Electric Technology Co., Ltd. It is used to communicate with its company's MX series PLC products and complete functions such as program writing and downloading.
MXProgrammer software has a denial of service vulnerability. When opening a malformed project file, MXProgrammer.exe software may crash due to illegal access errors inside MXResource.dll
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201804-1684",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mxprogrammer software",
"scope": "eq",
"trust": 0.6,
"vendor": "weihai meike electric",
"version": "v1.11.0"
},
{
"model": "mxprogrammer software",
"scope": "eq",
"trust": 0.6,
"vendor": "weihai meike electric",
"version": "v1.12.5"
},
{
"model": "mxprogrammer software",
"scope": "eq",
"trust": 0.2,
"vendor": "weihai maike electric",
"version": "v1.11.0"
},
{
"model": "mxprogrammer software",
"scope": "eq",
"trust": 0.2,
"vendor": "weihai maike electric",
"version": "v1.12.5"
}
],
"sources": [
{
"db": "IVD",
"id": "e2edb1d1-39ab-11e9-a9f0-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-08432"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.9,
"id": "CNVD-2018-08432",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.9,
"id": "e2edb1d1-39ab-11e9-a9f0-000c29342cb1",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2018-08432",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "e2edb1d1-39ab-11e9-a9f0-000c29342cb1",
"trust": 0.2,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2edb1d1-39ab-11e9-a9f0-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-08432"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MXProgrammer software is a windows desktop software of Weihai Meike Electric Technology Co., Ltd. It is used to communicate with its company\u0027s MX series PLC products and complete functions such as program writing and downloading. \n\nMXProgrammer software has a denial of service vulnerability. When opening a malformed project file, MXProgrammer.exe software may crash due to illegal access errors inside MXResource.dll",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08432"
},
{
"db": "IVD",
"id": "e2edb1d1-39ab-11e9-a9f0-000c29342cb1"
}
],
"trust": 0.72
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-08432",
"trust": 0.8
},
{
"db": "IVD",
"id": "E2EDB1D1-39AB-11E9-A9F0-000C29342CB1",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e2edb1d1-39ab-11e9-a9f0-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-08432"
}
]
},
"id": "VAR-201804-1684",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2edb1d1-39ab-11e9-a9f0-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-08432"
}
],
"trust": 1.8
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2edb1d1-39ab-11e9-a9f0-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-08432"
}
]
},
"last_update_date": "2022-05-17T01:47:52.782000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "MXProgrammer software has a denial of service vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/126663"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08432"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2edb1d1-39ab-11e9-a9f0-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-08432"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-26T00:00:00",
"db": "IVD",
"id": "e2edb1d1-39ab-11e9-a9f0-000c29342cb1"
},
{
"date": "2018-06-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-08432"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-08432"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MXProgrammer software has a denial of service vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08432"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Denial of service",
"sources": [
{
"db": "IVD",
"id": "e2edb1d1-39ab-11e9-a9f0-000c29342cb1"
}
],
"trust": 0.2
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…