CVE-2014-8385 - OpenCVE

Buffer overflow on Advantech EKI-1200 gateways with firmware before 1.63 allows remote attackers to execute arbitrary code via unspecified vectors.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Advantech	Eki-1224 Eki-1221 Eki-1222 Eki-1200 Gateway Series Firmware Eki-1221d Eki-1222d

Configuration 1 [-]

AND

cpe:2.3:o:advantech:eki-1200_gateway_series_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:advantech:eki-1221::::::::
	cpe:2.3:h:advantech:eki-1221d::::::::
	cpe:2.3:h:advantech:eki-1222::::::::
	cpe:2.3:h:advantech:eki-1222d::::::::
	cpe:2.3:h:advantech:eki-1224::::::::

References

Link	Resource
https://ics-cert.us-cert.gov/advisories/ICSA-15-041-01	Third Party Advisory US Government Resource

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2015-02-13T02:00:00

Updated: 2015-02-13T02:57:01

Reserved: 2014-10-22T00:00:00

Link: CVE-2014-8385

JSON object: View

NVD Information

Status : Analyzed

Published: 2015-02-13T02:59:07.127

Modified: 2015-02-13T23:20:16.770

Link: CVE-2014-8385

JSON object: View

Redhat Information

No data.

CWE

CWE-119

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:advantech:eki-1200_gateway_series_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "55E38F73-2921-4B22-BC75-B3E39EEE900D", "versionEndIncluding": "1.62", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:advantech:eki-1221:*:*:*:*:*:*:*:*", "matchCriteriaId": "8EF68C24-50F1-4787-BE9C-239D3EECDC58", "vulnerable": false}, {"criteria": "cpe:2.3:h:advantech:eki-1221d:*:*:*:*:*:*:*:*", "matchCriteriaId": "02F1327A-B789-4228-9C4B-BA268E51B2A7", "vulnerable": false}, {"criteria": "cpe:2.3:h:advantech:eki-1222:*:*:*:*:*:*:*:*", "matchCriteriaId": "2552D510-CF16-4D89-905B-CBDFCA823EF6", "vulnerable": false}, {"criteria": "cpe:2.3:h:advantech:eki-1222d:*:*:*:*:*:*:*:*", "matchCriteriaId": "E9C45EFA-F054-4195-AA46-1F367A46FC15", "vulnerable": false}, {"criteria": "cpe:2.3:h:advantech:eki-1224:*:*:*:*:*:*:*:*", "matchCriteriaId": "4F0257A7-0B2C-4006-B923-B5AD667B2883", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Buffer overflow on Advantech EKI-1200 gateways with firmware before 1.63 allows remote attackers to execute arbitrary code via unspecified vectors."}, {"lang": "es", "value": "Desbordamiento de buffer en las pasarelas Advantech EKI-1200 con firmware anterior a 1.63 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados."}], "id": "CVE-2014-8385", "lastModified": "2015-02-13T23:20:16.770", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-02-13T02:59:07.127", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-041-01"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}