CVE-2017-2286 - OpenCVE

Untrusted search path vulnerability in NFC Port Software Version 5.5.0.6 and earlier (for RC-S310, RC-S320, RC-S330, RC-S370, RC-S380, RC-S380/S), NFC Port Software Version 5.3.6.7 and earlier (for RC-S320, RC-S310/J1C, RC-S310/ED4C), PC/SC Activator for Type B Ver.1.2.1.0 and earlier, SFCard Viewer 2 Ver.2.5.0.0 and earlier, NFC Net Installer Ver.1.1.0.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Sony	Pc\/sc Activator For Type B Rc-s310\/ed4c Rc-s330 Rc-s310\/j1c Nfc Net Installer Rc-s310 Rc-s320 Nfc Port Firmware Rc-s370 Rc-s380 Rc-s380\/s Sfcard Viewer 2

Configuration 1 [-]

AND

cpe:2.3:o:sony:nfc_port_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:sony:rc-s310:-:::::::*
	cpe:2.3:h:sony:rc-s320:-:::::::*
	cpe:2.3:h:sony:rc-s330:-:::::::*
	cpe:2.3:h:sony:rc-s370:-:::::::*
	cpe:2.3:h:sony:rc-s380:-:::::::*
	cpe:2.3:h:sony:rc-s380\/s:-:::::::*

Configuration 2 [-]

AND

cpe:2.3:o:sony:nfc_port_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:sony:rc-s310\/ed4c:-:::::::*
	cpe:2.3:h:sony:rc-s310\/j1c:-:::::::*
	cpe:2.3:h:sony:rc-s320:-:::::::*

Configuration 3 [-]

cpe:2.3:o:sony:pc\/sc_activator_for_type_b:*:*:*:*:*:*:*:*

Configuration 4 [-]

cpe:2.3:o:sony:sfcard_viewer_2:2.5.0.0:*:*:*:*:*:*:*

Configuration 5 [-]

cpe:2.3:o:sony:nfc_net_installer:*:*:*:*:*:*:*:*

References

Link	Resource
https://jvn.jp/en/jp/JVN16136413/index.html	Third Party Advisory VDB Entry

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: jpcert

Published: 2017-08-02T16:00:00

Updated: 2017-08-02T15:57:02

Reserved: 2016-12-01T00:00:00

Link: CVE-2017-2286

JSON object: View

NVD Information

Status : Analyzed

Published: 2017-08-02T16:29:00.597

Modified: 2017-08-23T14:05:02.177

Link: CVE-2017-2286

JSON object: View

Redhat Information

No data.

CWE

CWE-427

{"containers": {"cna": {"affected": [{"product": "NFC Port Software (for RC-S310, RC-S320, RC-S330, RC-S370, RC-S380, RC-S380/S)", "vendor": "Sony Corporation", "versions": [{"status": "affected", "version": "Version 5.5.0.6 and earlier"}]}, {"product": "NFC Port Software (for RC-S320, RC-S310/J1C, RC-S310/ED4C)", "vendor": "Sony Corporation", "versions": [{"status": "affected", "version": "Version 5.3.6.7 and earlier"}]}, {"product": "PC/SC Activator for Type B", "vendor": "Sony Corporation", "versions": [{"status": "affected", "version": "Ver.1.2.1.0 and earlier"}]}, {"product": "SFCard Viewer 2", "vendor": "Sony Corporation", "versions": [{"status": "affected", "version": "Ver.2.5.0.0 and earlier"}]}, {"product": "NFC Net Installer", "vendor": "Sony Corporation", "versions": [{"status": "affected", "version": "Ver.1.1.0.0 and earlier"}]}], "datePublic": "2017-08-02T00:00:00", "descriptions": [{"lang": "en", "value": "Untrusted search path vulnerability in NFC Port Software Version 5.5.0.6 and earlier (for RC-S310, RC-S320, RC-S330, RC-S370, RC-S380, RC-S380/S), NFC Port Software Version 5.3.6.7 and earlier (for RC-S320, RC-S310/J1C, RC-S310/ED4C), PC/SC Activator for Type B Ver.1.2.1.0 and earlier, SFCard Viewer 2 Ver.2.5.0.0 and earlier, NFC Net Installer Ver.1.1.0.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."}], "problemTypes": [{"descriptions": [{"description": "Untrusted search path vulnerability", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-02T15:57:02", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert"}, "references": [{"name": "JVN#16136413", "tags": ["third-party-advisory", "x_refsource_JVN"], "url": "https://jvn.jp/en/jp/JVN16136413/index.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "vultures@jpcert.or.jp", "ID": "CVE-2017-2286", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "NFC Port Software (for RC-S310, RC-S320, RC-S330, RC-S370, RC-S380, RC-S380/S)", "version": {"version_data": [{"version_value": "Version 5.5.0.6 and earlier"}]}}, {"product_name": "NFC Port Software (for RC-S320, RC-S310/J1C, RC-S310/ED4C)", "version": {"version_data": [{"version_value": "Version 5.3.6.7 and earlier"}]}}, {"product_name": "PC/SC Activator for Type B", "version": {"version_data": [{"version_value": "Ver.1.2.1.0 and earlier"}]}}, {"product_name": "SFCard Viewer 2", "version": {"version_data": [{"version_value": "Ver.2.5.0.0 and earlier"}]}}, {"product_name": "NFC Net Installer", "version": {"version_data": [{"version_value": "Ver.1.1.0.0 and earlier"}]}}]}, "vendor_name": "Sony Corporation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Untrusted search path vulnerability in NFC Port Software Version 5.5.0.6 and earlier (for RC-S310, RC-S320, RC-S330, RC-S370, RC-S380, RC-S380/S), NFC Port Software Version 5.3.6.7 and earlier (for RC-S320, RC-S310/J1C, RC-S310/ED4C), PC/SC Activator for Type B Ver.1.2.1.0 and earlier, SFCard Viewer 2 Ver.2.5.0.0 and earlier, NFC Net Installer Ver.1.1.0.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Untrusted search path vulnerability"}]}]}, "references": {"reference_data": [{"name": "JVN#16136413", "refsource": "JVN", "url": "https://jvn.jp/en/jp/JVN16136413/index.html"}]}}}}, "cveMetadata": {"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2017-2286", "datePublished": "2017-08-02T16:00:00", "dateReserved": "2016-12-01T00:00:00", "dateUpdated": "2017-08-02T15:57:02", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sony:nfc_port_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "58FF206E-61CB-41AE-A055-D17B9D4D3C3F", "versionEndIncluding": "5.5.0.6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sony:rc-s310:-:*:*:*:*:*:*:*", "matchCriteriaId": "95DFE77A-E624-40C8-BB52-DC1BA2DCFE6D", "vulnerable": false}, {"criteria": "cpe:2.3:h:sony:rc-s320:-:*:*:*:*:*:*:*", "matchCriteriaId": "4D736000-7095-4F5D-9EFA-3B3CA9D90236", "vulnerable": false}, {"criteria": "cpe:2.3:h:sony:rc-s330:-:*:*:*:*:*:*:*", "matchCriteriaId": "AC30D968-0F24-41BF-A856-D3A9A9585A6E", "vulnerable": false}, {"criteria": "cpe:2.3:h:sony:rc-s370:-:*:*:*:*:*:*:*", "matchCriteriaId": "AC4E817B-B58D-4CF2-91EA-79A1C0C275E7", "vulnerable": false}, {"criteria": "cpe:2.3:h:sony:rc-s380:-:*:*:*:*:*:*:*", "matchCriteriaId": "CB37F739-30F5-416A-9231-1C1F65636A4D", "vulnerable": false}, {"criteria": "cpe:2.3:h:sony:rc-s380\\/s:-:*:*:*:*:*:*:*", "matchCriteriaId": "6F5CB280-9536-4853-BDEE-AEB0EEF5F620", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sony:nfc_port_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6C391E1E-E1D8-4C91-A95D-047AAFD7455B", "versionEndIncluding": "5.3.6.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sony:rc-s310\\/ed4c:-:*:*:*:*:*:*:*", "matchCriteriaId": "187AE859-6A0F-4995-8171-D0464D570B27", "vulnerable": false}, {"criteria": "cpe:2.3:h:sony:rc-s310\\/j1c:-:*:*:*:*:*:*:*", "matchCriteriaId": "1F74EB26-5AA7-44FA-9B42-1D93929C4F00", "vulnerable": false}, {"criteria": "cpe:2.3:h:sony:rc-s320:-:*:*:*:*:*:*:*", "matchCriteriaId": "4D736000-7095-4F5D-9EFA-3B3CA9D90236", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sony:pc\\/sc_activator_for_type_b:*:*:*:*:*:*:*:*", "matchCriteriaId": "F090AA3D-E974-4983-854A-24825A574D81", "versionEndIncluding": "1.2.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sony:sfcard_viewer_2:2.5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F08CDA0-9C53-4991-A5D4-86E9F4B0686B", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sony:nfc_net_installer:*:*:*:*:*:*:*:*", "matchCriteriaId": "A7C79B64-38A9-437C-B153-281D4ED8A547", "versionEndIncluding": "1.1.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Untrusted search path vulnerability in NFC Port Software Version 5.5.0.6 and earlier (for RC-S310, RC-S320, RC-S330, RC-S370, RC-S380, RC-S380/S), NFC Port Software Version 5.3.6.7 and earlier (for RC-S320, RC-S310/J1C, RC-S310/ED4C), PC/SC Activator for Type B Ver.1.2.1.0 and earlier, SFCard Viewer 2 Ver.2.5.0.0 and earlier, NFC Net Installer Ver.1.1.0.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."}, {"lang": "es", "value": "Una vulnerabilidad de tipo ruta de b\u00fasqueda no confiable permite a los atacantes conseguir privilegios utilizando un archivo DLL troyano en un directorio no especificado. Esta vulnerabilidad afecta a NFC Port Software, versiones 5.5.0.6 y anteriores (para RC-S310, RC-S320, RC-S330, RC-S370, RC-S380, RC-S380/S); NFC Port Software, versiones 5.3.6.7 y anteriores (para RC-S320, RC-S310/J1C, RC-S310/ED4C); PC/SC Activator for Type B, versiones 1.2.1.0 y anteriores; SFCard Viewer 2, versiones 2.5.0.0 y anteriores; y NFC Net Installer, versiones 1.1.0.0 y anteriores."}], "id": "CVE-2017-2286", "lastModified": "2017-08-23T14:05:02.177", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-08-02T16:29:00.597", "references": [{"source": "vultures@jpcert.or.jp", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://jvn.jp/en/jp/JVN16136413/index.html"}], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-427"}], "source": "nvd@nist.gov", "type": "Primary"}]}