[Japanese]

JVNDB-2018-000092

Multiple vulnerabilities in INplc

Overview

INplc provided by MICRONET CORPORATION contains multiple vulnerabilities listed below.
*DLL preloading vulnerability (CWE-427) - CVE-CVE-2018-0667
*Buffer overflow (CWE-119) - CVE-2018-0668
*Authentication bypass (CWE-287) - CVE-2018-0669
*Authentication bypass (CWE-287) - CVE-2018-0670
*Privilege escalation - CVE-2018-0671

Kotatsu Shiraki of University of Tokyo/NEC reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVSS Severity (What is CVSS?)

CVSS V3 Severity:
Base Metrics 9.8 (Critical) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
CVSS V2 Severity:
Base Metrics 7.5 (High) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: Partial
The above CVSS base scores have been assigned for CVE-2018-0668


CVSS V3 Severity:
Base Metrics: 7.8 (High) [IPA Score]
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
CVSS V2 Severity:
Base Metrics: 6.8 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: Partial
The above CVSS base scores have been assigned for CVE-2018-0667


CVSS V3 Severity:
Base Metrics: 9.8 (Critical) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
CVSS V2 Severity:
Base Metrics: 7.5 (High) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: Partial
The above CVSS base scores have been assigned for CVE-2018-0669


CVSS V3 Severity:
Base Metrics: 9.8 (Critical) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
CVSS V2 Severity:
Base Metrics: 7.5 (High) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: Partial
The above CVSS base scores have been assigned for CVE-2018-0670


CVSS V3 Severity:
Base Metrics: 8.8 (High) [IPA Score]
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Changed
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
CVSS V2 Severity:
Base Metrics: 4.1 (Medium) [IPA Score]
  • Access Vector: Local
  • Access Complexity: Medium
  • Authentication: Single
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: Partial
The above CVSS base scores have been assigned for CVE-2018-0671
Affected Products


MICRONET CORP.
  • INplc SDK Express 3.08 and earlier (CVE-2018-0667)
  • INplc SDK Pro+ 3.08 and earlier (CVE-2018-0667)
  • INplc-RT 3.08 and earlier (CVE-2018-0668, CVE-2018-0669, CVE-2018-0670, CVE-2018-0671)

Impact

Although the expected impact will vary depending on the vulnerability, the following may be affected.
*Arbitrary code may be executed with the privilege of the user invoking the installer - CVE-2018-0667
*A remote attacker may be able to cause a denial-of-service (DoS) condition or may execute arbitrary code - CVE-2018-0668
*A remote attacker may execute an arbitrary command through the traffic based on the protocol - CVE-2018-0669, CVE-2018-0670
*An attacker may execute arbitrary code with the administrative privilege on the Windows system which the product is installed on. - CVE-2018-0671
Solution

[Use the latest installer] - CVE-2018-0667
Use the latest installer according to the information provided by the developer.
Also when executing the installer, be sure to check there are no suspicious files in the directory where the installer resides.

Note that this vulnerability affects the installer only, thus users who have already installed INplc do not need to re-install the software.

[Update the software] - CVE-2018-0668, CVE-2018-0669, CVE-2018-0670, CVE-2018-0671
Update to the latest version according to the information provided by the developer.
Vendor Information

MICRONET CORP.
CWE (What is CWE?)

  1. Buffer Errors(CWE-119) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2018-0667
  2. CVE-2018-0668
  3. CVE-2018-0669
  4. CVE-2018-0670
  5. CVE-2018-0671
References

  1. JVN : JVN#59624986
Revision History

  • [2018/09/07]
      Web page was published.
  • [2018/11/09]
      Fixed the CVSS scores and the description under [Impact] of CVE-2018-0671