Vulnerability Description
Silex SD-320AN version 2.01 and prior and GE MobileLink(GEH-SD-320AN) version GEH-1.1 and prior have a system call parameter that is not properly sanitized, which may allow remote code execution.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Silextechnology | Sd-320An Firmware | <= 2.01 |
| Silextechnology | Sd-320An | - |
| Silextechnology | Geh-Sd-320An Firmware | <= geh-1.1 |
| Silextechnology | Geh-Sd-320An | - |
Related Weaknesses (CWE)
References
- https://ics-cert.us-cert.gov/advisories/ICSMA-18-128-01Third Party AdvisoryUS Government Resource
- https://ics-cert.us-cert.gov/advisories/ICSMA-18-128-01Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2018-6021?
CVE-2018-6021 is a vulnerability with a CVSS score of 7.4 (HIGH). Silex SD-320AN version 2.01 and prior and GE MobileLink(GEH-SD-320AN) version GEH-1.1 and prior have a system call parameter that is not properly sanitized, which may allow remote code execution.
How severe is CVE-2018-6021?
CVE-2018-6021 has been rated HIGH with a CVSS base score of 7.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-6021?
Check the references section above for vendor advisories and patch information. Affected products include: Silextechnology Sd-320An Firmware, Silextechnology Sd-320An, Silextechnology Geh-Sd-320An Firmware, Silextechnology Geh-Sd-320An.