CVE-2018-18563

20.11.2018, 19:29

An issue was discovered in Roche Accu-Chek Inform II Instrument before 03.06.00 (Serial number below 14000) and 04.x before 04.03.00 (Serial Number above 14000), CoaguChek Pro II before 04.03.00, CoaguChek XS Plus before 03.01.06, CoaguChek XS Pro before 03.01.06, cobas h 232 before 03.01.03 (Serial Number below KQ0400000 or KS0400000) and cobas h 232 before 04.00.04 (Serial Number above KQ0400000 or KS0400000). Improper access control to a service command allows attackers in the adjacent network to execute arbitrary code on the system through a crafted Poct1-A message.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	9.6 CRITICAL	ADJACENT_NETWORK	LOW	NONE	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 48%

Vendor	Product	Version
roche	accu-chek_inform_ii_firmware	𝑥 < 03.06.00
roche	accu-chek_inform_ii_firmware	04.00.00 ≤ 𝑥 < 04.03.00
roche	cobas_h_232_firmware	𝑥 < 03.01.03
roche	cobas_h_232_firmware	04.00.00 ≤ 𝑥 < 04.00.04
roche	coaguchek_pro_ii_firmware	𝑥 < 04.03.00
roche	coaguchek_xs_plus_firmware	𝑥 < 03.01.06
roche	coaguchek_xs_pro_firmware	𝑥 < 03.01.06

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-434 - Unrestricted Upload of File with Dangerous Type
The software allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment.

References

http://www.securityfocus.com/bid/105843

https://ics-cert.us-cert.gov/advisories/ICSMA-18-310-01

http://www.securityfocus.com/bid/105843

https://ics-cert.us-cert.gov/advisories/ICSMA-18-310-01