Vulnerability Description
An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04 and CoaguChek / cobas h232 Handheld Base Unit before 03.01.04. Insecure permissions in a service interface may allow authenticated attackers in the adjacent network to execute arbitrary commands on the operating system.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Roche | Accu-Chek Inform Ii Firmware | < 03.01.04 |
| Roche | Accu-Chek Inform Ii | - |
| Roche | Cobas H 232 Firmware | < 03.01.04 |
| Roche | Cobas H 232 | - |
| Roche | Coaguchek Firmware | < 03.01.04 |
| Roche | Coaguchek | - |
| Roche | Base Unit Hub Firmware | < 03.01.04 |
| Roche | Base Unit Hub | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/105843Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSMA-18-310-01Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/105843Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSMA-18-310-01Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2018-18561?
CVE-2018-18561 is a vulnerability with a CVSS score of 8.0 (HIGH). An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04 and CoaguChek / cobas h232 Handheld Base Unit before 03.01.04. Insecure permissions in a service interfac...
How severe is CVE-2018-18561?
CVE-2018-18561 has been rated HIGH with a CVSS base score of 8.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-18561?
Check the references section above for vendor advisories and patch information. Affected products include: Roche Accu-Chek Inform Ii Firmware, Roche Accu-Chek Inform Ii, Roche Cobas H 232 Firmware, Roche Cobas H 232, Roche Coaguchek Firmware.