Vulnerability Description
Arbitrary memory read from controlled memory pointer in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to remote denial of service.
CVSS Score
7.5
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sentinel | Sentinel Ldk Rte Firmware | <= 7.50 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/102906
- https://cert-portal.siemens.com/productcert/pdf/ssa-727467.pdf
- https://ics-cert.kaspersky.com/advisories/klcert-advisories/2017/10/02/klcert-17Third Party Advisory
- https://ics-cert.us-cert.gov/advisories/ICSA-18-093-01
- http://www.securityfocus.com/bid/102906
- https://cert-portal.siemens.com/productcert/pdf/ssa-727467.pdf
- https://ics-cert.kaspersky.com/advisories/klcert-advisories/2017/10/02/klcert-17Third Party Advisory
- https://ics-cert.us-cert.gov/advisories/ICSA-18-093-01
FAQ
What is CVE-2017-12820?
CVE-2017-12820 is a vulnerability with a CVSS score of 7.5 (HIGH). Arbitrary memory read from controlled memory pointer in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to remote denial of service.
How severe is CVE-2017-12820?
CVE-2017-12820 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-12820?
Check the references section above for vendor advisories and patch information. Affected products include: Sentinel Sentinel Ldk Rte Firmware.