Vulnerability Description
Buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to shut down the remote process (a denial of service) via a language pack (ZIP file) with invalid HTML files.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gemalto | Sentinel Ldk Rte | 2.10 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/102739
- http://www.securityfocus.com/bid/102906
- https://cert-portal.siemens.com/productcert/pdf/ssa-727467.pdf
- https://ics-cert.kaspersky.com/advisories/2017/07/28/klcert-17-001-sentinel-ldk- (Vendor Advisory)
- https://ics-cert.us-cert.gov/advisories/ICSA-18-018-01
- https://ics-cert.us-cert.gov/advisories/ICSA-18-093-01
- https://www.iotvillage.org/slides_dc25/Sergey_Vlad_DEFCON_IOT_Village_Public2017 (Third Party Advisory)
FAQ
What is CVE-2017-11498?
CVE-2017-11498 is a vulnerability with a CVSS score of 7.5 (HIGH). Buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to shut down the remote process (a denial of ser...
How severe is CVE-2017-11498?
CVE-2017-11498 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2017-11498?
Check the references section above for vendor advisories and patch information. Affected products include: Gemalto Sentinel Ldk Rte.