Vulnerability Description
Memory corruption in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 might cause remote code execution.
CVSS Score
9.8
CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sentinel | Sentinel Ldk Rte Firmware | <= 7.50 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/102906
- https://cert-portal.siemens.com/productcert/pdf/ssa-727467.pdf
- https://ics-cert.kaspersky.com/advisories/klcert-advisories/2017/10/02/klcert-17Third Party Advisory
- https://ics-cert.us-cert.gov/advisories/ICSA-18-093-01
- http://www.securityfocus.com/bid/102906
- https://cert-portal.siemens.com/productcert/pdf/ssa-727467.pdf
- https://ics-cert.kaspersky.com/advisories/klcert-advisories/2017/10/02/klcert-17Third Party Advisory
- https://ics-cert.us-cert.gov/advisories/ICSA-18-093-01
FAQ
What is CVE-2017-12821?
CVE-2017-12821 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Memory corruption in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 might cause remote code execution.
How severe is CVE-2017-12821?
CVE-2017-12821 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2017-12821?
Check the references section above for vendor advisories and patch information. Affected products include: Sentinel Sentinel Ldk Rte Firmware.