VAR-202004-2221
Vulnerability from variot - Updated: 2022-05-17 02:07IEXplorer is an industrial Ethernet tool software that provides automatic search for Delta industrial Ethernet products, provides real-time monitoring of device connection status, quick IP address setting and software upgrade functions, applicable products include (DVS series, DVW series, IFD9506 , IFD9507, RTU-EN01, DVPEN01-SL, DVP12SE, DVP-FEN01, DVPSCM12-SL, DVPSCM52-SL, ASDA-M, CMC-MOD010).
Delta Electronics Enterprise Management (Shanghai) Co., Ltd. has an unauthorized access vulnerability in IEXplorer. Attackers can use the loopholes to access all functions of the software in an unauthorized state, and perform illegal operations.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-2221",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "iexplorer",
"scope": "eq",
"trust": 0.6,
"vendor": "delta management",
"version": "1.2.0.4"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-18736"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-18736",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "4e4efe3f-bcfa-48b9-8680-2acefd75bbcf",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2020-18736",
"trust": 0.6,
"value": "LOW"
},
{
"author": "IVD",
"id": "4e4efe3f-bcfa-48b9-8680-2acefd75bbcf",
"trust": 0.2,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "4e4efe3f-bcfa-48b9-8680-2acefd75bbcf"
},
{
"db": "CNVD",
"id": "CNVD-2020-18736"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IEXplorer is an industrial Ethernet tool software that provides automatic search for Delta industrial Ethernet products, provides real-time monitoring of device connection status, quick IP address setting and software upgrade functions, applicable products include (DVS series, DVW series, IFD9506 , IFD9507, RTU-EN01, DVPEN01-SL, DVP12SE, DVP-FEN01, DVPSCM12-SL, DVPSCM52-SL, ASDA-M, CMC-MOD010).\n\r\n\r\nDelta Electronics Enterprise Management (Shanghai) Co., Ltd. has an unauthorized access vulnerability in IEXplorer. Attackers can use the loopholes to access all functions of the software in an unauthorized state, and perform illegal operations.",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-18736"
}
],
"trust": 0.6
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-18736",
"trust": 0.8
},
{
"db": "IVD",
"id": "4E4EFE3F-BCFA-48B9-8680-2ACEFD75BBCF",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "4e4efe3f-bcfa-48b9-8680-2acefd75bbcf"
},
{
"db": "CNVD",
"id": "CNVD-2020-18736"
}
]
},
"id": "VAR-202004-2221",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "4e4efe3f-bcfa-48b9-8680-2acefd75bbcf"
},
{
"db": "CNVD",
"id": "CNVD-2020-18736"
}
],
"trust": 0.08
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "4e4efe3f-bcfa-48b9-8680-2acefd75bbcf"
},
{
"db": "CNVD",
"id": "CNVD-2020-18736"
}
]
},
"last_update_date": "2022-05-17T02:07:57.484000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Delta IEXplorer industrial Ethernet tool software has unauthorized access vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/205919"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-18736"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "4e4efe3f-bcfa-48b9-8680-2acefd75bbcf"
},
{
"db": "CNVD",
"id": "CNVD-2020-18736"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-06T00:00:00",
"db": "IVD",
"id": "4e4efe3f-bcfa-48b9-8680-2acefd75bbcf"
},
{
"date": "2020-04-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-18736"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-18736"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Delta Electronics Enterprise Management (Shanghai) Co., Ltd. IEXplorer has unauthorized access vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-18736"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unauthorized access",
"sources": [
{
"db": "IVD",
"id": "4e4efe3f-bcfa-48b9-8680-2acefd75bbcf"
}
],
"trust": 0.2
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…