CyberSec.Space Logo
返回 CVE 浏览器

CVE-2017-12819

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0970%
EPSS Percentile11.14th
Published2017年10月4日
Last Modified2026年5月13日

Vulnerability Description

Remote manipulations with language pack updater lead to NTLM-relay attack for system user in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55.

Affected Platforms (CPE)

💻
Sentinel

Sentinel Ldk Rte Firmware

<= 7.50

References & Advisories

🔗 https://cert-portal.siemens.com/productcert/pdf/ssa-727467.pdf
🔗 https://ics-cert.kaspersky.com/advisories/klcert-advisories/2017/10/02/klcert-17-005-sentinel-ldk-rte-remote-manipulations-with-language-pack-updater-lead-to-ntlm-relay-attack-for-system-user/
🔗 https://ics-cert.us-cert.gov/advisories/ICSA-18-093-01
🔗 https://cert-portal.siemens.com/productcert/pdf/ssa-727467.pdf
🔗 https://ics-cert.kaspersky.com/advisories/klcert-advisories/2017/10/02/klcert-17-005-sentinel-ldk-rte-remote-manipulations-with-language-pack-updater-lead-to-ntlm-relay-attack-for-system-user/
🔗 https://ics-cert.us-cert.gov/advisories/ICSA-18-093-01

相关漏洞威胁

CVE-2017-278810.0

A buffer overflows exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet ...

CVE-2017-772210.0

In SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with ...

CVE-2017-278510.0

An exploitable buffer overflow exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially cra...

CVE-2017-232010.0

A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenti...

CVE-2017-12819 Detail & Impact Analysis | CVSS 9.8 (CRITICAL) | Cyber-Sec.Space | Cyber-Sec.Space