JVN#59624986
Multiple vulnerabilities in INplc
Overview
INplc provided by MICRONET CORPORATION contains multiple vulnerabilities.
Products Affected
- Installer of INplc SDK Express 3.08 and earlier (CVE-2018-0667)
- Installer of INplc SDK Pro+ 3.08 and earlier (CVE-2018-0667)
- INplc-RT 3.08 and earlier (CVE-2018-0668, CVE-2018-0669, CVE-2018-0670, CVE-2018-0671)
Description
INplc provided by MICRONET CORPORATION contains multiple vulnerabilities listed below.
- DLL preloading vulnerability (CWE-427) - CVE-2018-0667
  - CVSS v3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Base Score: 7.8
  - CVSS v2 AV:N/AC:M/AU:N/C:P/I:P/A:P Base Score: 6.8
- Buffer overflow (CWE-119) - CVE-2018-0668
  - CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score: 9.8
  - CVSS v2 AV:N/AC:L/AU:N/C:P/I:P/A:P Base Score: 7.5
- Authentication bypass (CWE-287) - CVE-2018-0669
  - CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score: 9.8
  - CVSS v2 AV:N/AC:L/AU:N/C:P/I:P/A:P Base Score: 7.5
- Authentication bypass (CWE-287) - CVE-2018-0670
  - CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score: 9.8
  - CVSS v2 AV:N/AC:L/AU:N/C:P/I:P/A:P Base Score: 7.5
- Privilege escalation - CVE-2018-0671
  - CVSS v3 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Base Score: 8.8
  - CVSS v2 AV:L/AC:M/AU:S/C:P/I:P/A:P Base Score: 4.1
Impact
- Arbitrary code may be executed with the privilege of the user invoking the installer - CVE-2018-0667
- A remote attacker may be able to cause a denial-of-service (DoS) condition or may execute arbitrary code - CVE-2018-0668
- A remote attacker may execute an arbitrary command through the traffic based on the protocol - CVE-2018-0669, CVE-2018-0670
- An attacker may execute arbitrary code with the administrative privilege on the Windows system which the product is installed on - CVE-2018-0671
Solution
Use the latest installer - CVE-2018-0667
Use the latest installer according to the information provided by the developer.
Also when executing the installer, be sure to check there are no suspicious files in the directory where the installer resides.
Note that this vulnerability affects the installer only, thus users who have already installed INplc do not need to re-install the software.
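One way to carry out the directory check described above before launching the installer. This is an added example, not code from JVN or MICRONET; the script, its parameter name and the list of file extensions treated as loadable are assumptions made for illustration.

```powershell
# Added example: pre-run check of the folder an installer will be launched from.
# $InstallerPath is supplied by the operator; no INplc file names are assumed.
param(
    [Parameter(Mandatory = $true)]
    [string]$InstallerPath
)

$installer = Get-Item -LiteralPath $InstallerPath -ErrorAction Stop
$folder    = $installer.DirectoryName

# Assumed list of file types that Windows may load or redirect to from the
# application directory; adjust to local policy.
$loadable = '.dll', '.exe', '.ocx', '.cpl', '.manifest', '.local'

# Every file next to the installer, hidden ones included, with its signature state.
$findings = @(
    Get-ChildItem -LiteralPath $folder -File -Force |
        Where-Object { $_.FullName -ne $installer.FullName } |
        ForEach-Object {
            $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName
            [pscustomobject]@{
                Name      = $_.Name
                Loadable  = $loadable -contains $_.Extension.ToLowerInvariant()
                Hidden    = [bool]($_.Attributes -band [IO.FileAttributes]::Hidden)
                Signature = $sig.Status
                Signer    = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
                Modified  = $_.LastWriteTime
            }
        }
)

# Report the installer's own signature so a tampered download is also visible.
$installerSig = Get-AuthenticodeSignature -LiteralPath $installer.FullName
"Installer signature: {0}" -f $installerSig.Status

$suspect = @($findings | Where-Object { $_.Loadable })
if ($suspect.Count -gt 0) {
    Write-Warning ("{0} loadable file(s) share the installer's folder:" -f $suspect.Count)
    $suspect | Format-Table -AutoSize | Out-String | Write-Host
    exit 1
}
"No DLL or executable files found beside the installer."
```

A non-zero exit code means files that could be loaded in place of system libraries sit beside the installer and should be reviewed before it is run.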
Update the software - CVE-2018-0668, CVE-2018-0669, CVE-2018-0670, CVE-2018-0671
Update to the latest version according to the information provided by the developer.
Vendor Status
Vendor | Status | Last Update | Vendor Notes |
---|---|---|---|
MICRONET CORPORATION | Vulnerable | 2018/09/07 | MICRONET CORPORATION website |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
Kotatsu Shiraki of University of Tokyo/NEC reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
Other Information
CVE | CVE-2018-0667, CVE-2018-0668, CVE-2018-0669, CVE-2018-0670, CVE-2018-0671 |
JVN iPedia | JVNDB-2018-000092 |
Update History
- 2018/11/09: Fixed the CVSS scores and the description under [Impact] of CVE-2018-0671
- 2018/11/09: Fixed spelling error under "Impact"