*** EX RELS 03423 Release *** Total number of signatures: 6035 Description ================================================================== In this signature, we addressed the exploits/vulnerabilities and applications as below: Added 17 rule(s): --------------- 1135456 FILE Microsoft Graphics Device Interface CVE-2019-0619 Information Disclosure -1 1135459 WEB-CLIENT Microsoft Edge Chakra InlineArrayPush InlineArrayPop Type Confusion -1 (CVE-2018-8617) 1135461 EXPLOIT HPE Intelligent Management Center dbman decryptMsgAes Stack Buffer Overflow (CVE-2018-7114) 1135462 EXPLOIT libVNC LibVNCServer Tight File Transfer Extension Use After Free (CVE-2018-6307) 1135463 WEB Belkin Wemo UPnP Remote Code Execution 1135466 FILE Microsoft Graphics Device Interface DoGdiCommentMultiFormats Information Disclosure -1 (CVE-2019-0614) 1135469 FILE RARLAB WinRAR ACE Vulnerability -1.1 (CVE-2018-20251) 1135470 FILE RARLAB WinRAR ACE Vulnerability -1.2 (CVE-2018-20251) 1135471 WEB Jenkins ACL Bypass and Metaprogramming RCE (CVE-2019-1003000) 1135479 SSL OpenSSL GOLDENDOODLE invalid padding 1135480 WEB Apache Solr Config API Insecure Deserialization (CVE-2019-0192) 1135481 SSL OpenSSL GOLDENDOODLE padding attack 1135482 DHCP Microsoft Windows DHCP Server CVE-2019-0626 Denial of Service 1135483 DHCP Microsoft Windows DHCP Client CVE-2019-0726 Code Execution 1135485 WEB Netgear ReadyNAS Surveillance and NUUO NVRMini Remote Command Execution (CVE-2018-15716) 1135486 WEB Linksys WAP54Gv3 Remote Debug Root Shell 1135487 WEB ZTE ZXV10 H108L Routers Remote Code Execution Modified 90 rule(s): --------------- 1054879 ICS 7T Interactive Graphical SCADA System Arbitrary File Read And Overwrite -2 (CVE-2011-1565) 1054880 ICS 7T Interactive Graphical SCADA System Arbitrary File Execution -1 (CVE-2011-1566) 1055102 ICS Measuresoft ScadaPro Remote Command Execution (CVE-2011-3490) 1056079 ICS 7-Technologies IGSS 9 IGSSdataServer.exe DoS 1056691 ICS Siemens SIMATIC WinCC Flexible Runtime Stack Buffer Overflow -6 (CVE-2011-4875) 1056692 ICS Siemens SIMATIC WinCC Flexible Runtime Stack Buffer Overflow -7 (CVE-2011-4875) 1056693 ICS Siemens SIMATIC WinCC Flexible Runtime Stack Buffer Overflow -8 (CVE-2011-4875) 1056694 ICS Siemens SIMATIC WinCC Flexible Runtime Stack Buffer Overflow -9 (CVE-2011-4875) 1056695 ICS Siemens SIMATIC WinCC Flexible Runtime Stack Buffer Overflow -10 (CVE-2011-4875) 1056696 ICS Siemens SIMATIC WinCC Flexible Runtime Stack Buffer Overflow -11 (CVE-2011-4875) 1056697 ICS Siemens SIMATIC WinCC Flexible Runtime Stack Buffer Overflow -12 (CVE-2011-4875) 1056698 ICS Siemens SIMATIC WinCC Flexible Runtime Stack Buffer Overflow -13 (CVE-2011-4875) 1056704 ICS WellinTech Kingview SCADA HistoryServer.exe Opcode 3 Heap Buffer Overflow -1 (CVE-2011-4536) 1057005 ICS RealFlex RealWin SCADA SCPC_INITIALIZE and SCPC_INITIALIZE_RF Buffer Overflow -1 (CVE-2010-4142) 1057648 ICS Citect Multiple Products ODBC Stack Buffer Overflow -1 (CVE-2008-2639) 1058817 ICS GE Proficy CIMPLICITY gefebt.exe Remote Code Execution (CVE-2014-0750) 1058947 ICS Yokogawa CENTUM CS 3000 BKBCopyD.exe Buffer Overflow (CVE-2014-0784) 1058951 ICS Yokogawa CENTUM CS 3000 BKHOdeq.exe Buffer Overflow (CVE-2014-0783) 1058961 ICS Yokogawa CENTUM CS 3000 BKCLogSvr.exe Heap Buffer Overflow (CVE-2014-0781) 1059523 ICS Yokogawa CS3000 BKESimmgr.exe Buffer Overflow (CVE-2014-0782) 1059537 ICS Schneider Electric ClearSCADA OPF File Parsing Out of Bounds Array Indexing (CVE-2014-0779) 1059583 ICS Advantech WebAccess SCADA webvact.ocx AccessCode Buffer Overflow -1 (CVE-2014-0768) 1059584 ICS Advantech WebAccess SCADA webvact.ocx AccessCode Buffer Overflow -2 (CVE-2014-0768) 1059655 ICS Advantech WebAccess SCADA webvact.ocx NodeName2 Buffer Overflow -1 (CVE-2014-0766) 1059656 ICS Advantech WebAccess SCADA webvact.ocx NodeName2 Buffer Overflow -2 (CVE-2014-0766) 1059710 ICS WellinTech KingSCADA kxNetDispose.dll Stack Buffer Overflow -1 (CVE-2014-0787) 1059711 ICS WellinTech KingSCADA kxNetDispose.dll Stack Buffer Overflow -2 (CVE-2014-0787) 1059727 ICS Yokogawa CS3000 BKFSim_vhfd.exe Buffer Overflow (CVE-2014-3888) 1059802 ICS Advantech WebAccess SCADA webvact.ocx NodeName Buffer Overflow -3 (CVE-2014-0764) 1059832 ICS 7T Interactive Graphical SCADA System Memory Corruption Vulnerability (BID-46310) 1059833 ICS atvise webMI2ADS Authorization HTTP Header Parsing Vulnerability 1059835 ICS Automated Solutions Modbus and TCP OPC Server Heap Corruption Vulnerability (CVE-2010-4709) 1059836 ICS BroadWin WebAccess Client bwocxrun.ocx Multiple Remote Vulnerabilities (BID-49428) 1059837 ICS Cogent Datahub Remote Unicode Buffer Overflow -2 (CVE-2011-3493) 1059841 ICS Cogent DataHub Information Disclosure Vulnerability -1 (CVE-2011-3502) 1059842 ICS Cogent DataHub Information Disclosure Vulnerability -2 (CVE-2011-3502) 1059843 ICS Cogent DataHub Information Disclosure Vulnerability -3 (CVE-2011-3502) 1130017 ICS Advantech WebAccess dvs.ocx GetColor Buffer Overflow (CVE-2014-2364) 1130166 ICS Schneider Electric SCADA Expert ClearSCADA Authentication Bypass (CVE-2014-5412) 1130167 ICS Schneider Electric SCADA Expert ClearSCADA Denial of Service (CVE-2014-5411) 1130313 ICS Advantech WebAccess SCADA webeye.ocx ip_addr Parameter Buffer Overflow -1 (CVE-2014-8388) 1130314 ICS Advantech WebAccess SCADA webeye.ocx ip_addr Parameter Buffer Overflow -2 (CVE-2014-8388) 1130315 ICS Advantech ADAMView Display Properties Parameter Remote Code Execution (CVE-2014-8386) 1131757 ICS Schneider Electric InduSoft Web Studio Remote Agent Remote Code Execution (CVE-2015-7374) 1132110 ICS Advantech WebAccess Webdobj ActiveX UpdateProject Stack Buffer Overflow -1 (CVE-2014-9208) 1132114 ICS Advantech WebAccess AspVCObj.AspDataDriven ActiveX FileProcess Stack Buffer Overflow -1 (CVE-2014-9208) 1132118 ICS Advantech WebAccess AspVCObj.AspDataDriven ActiveX GetWideStrCpy Stack Buffer Overflow -1 (CVE-2014-9208) 1132528 ICS Advantech WebAccess webvrpcs Service BwWebSvc.dll Buffer Overflow (CVE-2016-0856) 1132530 ICS Advantech WebAccess datacore Service Function 0x523a strcpy Buffer Overflow (CVE-2016-0856) 1132549 ICS Schneider Electric GP-Pro EX ParseAPI Heap Buffer Overflow 1132630 ICS Advantech WebAccess webvrpcs Service Function 0x013C80 Buffer Overflow (CVE-2016-0856) 1132631 ICS Advantech WebAccess webvrpcs Service Function 0x013C71 Buffer Overflow (CVE-2016-0856) 1132810 ICS Unitronics VisiLogic OPLC TeeChart ActiveX RemoveSeries Out of Bounds Array Indexing -1 (CVE-2015-6478) 1132811 ICS Unitronics VisiLogic OPLC TeeChart ActiveX RemoveSeries Out of Bounds Array Indexing -2 (CVE-2015-6478) 1132837 ICS WECON LeviStudio PLC Type Heap Buffer Overflow (ZDI-16-390) 1132838 ICS WECON LeviStudio HmiSet Style Stack Buffer Overflow (ZDI-16-378) 1132860 ICS Schneider Electric ProClima F1BookView SetValidationRule Memory Corruption -1 (CVE-2015-7918) 1132862 ICS Unitronics VisiLogic OPLC IDE TeePreviewer ChartLink Memory Corruption -1 (CVE-2015-6478) 1132863 ICS Unitronics VisiLogic OPLC IDE TeePreviewer ChartLink Memory Corruption -2 (CVE-2015-6478) 1132865 ICS Schneider Electric ProClima F1BookView SetValidationRule Memory Corruption -2 (CVE-2015-7918) 1132960 ICS Schneider Electric SoMachine HVAC AxEditGrid ActiveX Untrusted Pointer Dereference -1 (CVE-2016-4529) 1132961 ICS Schneider Electric SoMachine HVAC AxEditGrid ActiveX Untrusted Pointer Dereference -2 (CVE-2016-4529) 1132990 ICS GE MDS PulseNET FileDownloadServlet Directory Traversal (CVE-2015-6459) 1133786 ICS Multiple Siemens SIPROTEC Products EN100 Module CVE-2015-5374 Denial of Service 1133860 ICS Netikus EventSentry XSS via SNMP 1133883 ICS Schneider Electric U.motion Builder css.inc.php Arbitrary File Inclusion - 1.a 1133884 ICS Schneider Electric U.motion Builder css.inc.php Arbitrary File Inclusion - 1.x 1133885 ICS Schneider Electric U.motion Builder loadtemplate.php SQL Injection - 1.u 1133888 ICS Schneider Electric U.motion Builder loadtemplate.php SQL Injection - 1.b 1133903 EXPLOIT HPE Intelligent Management Center imcwlandm UserName Stack Buffer Overflow (CVE-2017-5805) 1133931 ICS Schneider Electric U.motion Builder track_import_export.php SQL Injection - 1.1 (CVE-2017-7973) 1134175 ICS Advantech WebAccess rmTemplate.aspx SQL Injection (CVE-2017-12710) 1134294 ICS Sunway ForceControl Multiple Security Vulnerabilities -7 1134636 ICS Advantech WebAccess Node chkLogin2 SQL Injection (CVE-2018-5433) 1134922 ICS OMRON CX-One CX-Motion sscanf Stack-based Buffer Overflow (CVE-2018-7514) 1134926 ICS Advantech WebAccess webvrpcs Arbitrary File Deletion (CVE-2018-7495) 1134939 ICS Multiple Schneider Electric Products CVE-2018-8840 Stack Based Buffer Overflow Vulnerability 1134953 ICS Dell EMC VMAX Virtual Appliance Manager Authentication Bypass (CVE-2018-1216) 1134990 ICS OMRON CX-One SBA File Parsing wcscpy Stack-based Buffer Overflow (CVE-2018-7514) 1134994 ICS Delta Electronics Delta Industrial Automation AHSIM_5x0 Simulator Buffer Overflow -3 (CVE-2018-10594) 1135014 ICS Advantech WebAccess Node ChkLogin SQL Injection (CVE-2018-5443) 1135036 ICS OMRON CX-One CX-FLnet cdmapi32 wcscpy Stack-based Buffer Overflow (CVE-2018-7514) 1135037 ICS Advantech WebAccess SCADA bwmakdir Stack-based Buffer Overflow (CVE-2018-7499) 1135046 ICS Schneider Electric Interactive Graphical SCADA System Buffer Overflow -2 (CVE-2013-0657) 1135082 ICS Advantech WebAccess SCADA notify2 Stack-based Buffer Overflow (CVE-2018-7499) 1135098 ICS Advantech WebAccess SCADA BwPSLinkZip Stack-based Buffer Overflow (CVE-2018-7499) 1135221 ICS Tridium Niagara config.bog Directory Traversal Vulnerability (CVE-2012-4027) 1135234 ICS MXview Industrial Network Management Software Denial Of Service -1 (CVE-2017-7456) 1135340 ICS Advantech WebAccess SCADA WADashboard writeFile Arbitrary File Overwrite -1.u (CVE-2018-15705) 1135455 WEB NetGear Multiple ProSafe Wireless Controllers Remote Code Execution Deleted 1 rule(s): --------------- 1132627 WEB-CLIENT Javascript Obfuscation in Exploit Kits - 65 (Ransomware Attack Vector) (old rule)