CyberSec.Space Logo
Back to CVE Browser

CVE-2018-19023

HIGH
8.8
CVSS Severity Score
EPSS Score0.1950%
EPSS Percentile4.16th
PublishedJan 25, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

Hetronic Nova-M prior to verson r161 uses fixed codes that are reproducible by sniffing and re-transmission. This can lead to unauthorized replay of a command, spoofing of an arbitrary message, or keeping the controlled load in a permanent "stop" state.

Affected Platforms (CPE)

πŸ’»
Hetronic

Nova M Firmware

< r161
πŸ’»
Hetronic

Es Can Hl Firmware

< main_r1864
πŸ’»
Hetronic

Bms Hl Firmware

< main_r1175
πŸ’»
Hetronic

Mlc Firmware

< main_r1600
πŸ’»
Hetronic

Dc Mobile Firmware

< main_r515

References & Advisories

πŸ”— http://www.securityfocus.com/bid/106448
πŸ”— https://ics-cert.us-cert.gov/advisories/ICSA-19-003-03
πŸ”— http://www.securityfocus.com/bid/106448
πŸ”— https://ics-cert.us-cert.gov/advisories/ICSA-19-003-03

Related Vulnerabilities

CVE-2018-422910.0

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Grand Central Dispatc...

CVE-2018-666710.0

Authentication Bypass vulnerability in the administrative user interface in McAfee Web Gateway 7.8.1.0 through 7.8.1.5 allows remo...

CVE-2018-010110.0

A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could ...

CVE-2018-1051110.0

A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to conduct a server-side request for...