CVE-2018-5473: Buffer Overflow
First published: Mon Feb 19 2018(Updated: )
An Improper Restriction of Operations within the Bounds of a Memory Buffer issue was discovered in GE D60 Line Distance Relay devices running firmware Version 7.11 and prior. The SSH functions of the device are vulnerable to buffer overflow conditions that may allow a remote attacker to execute arbitrary code on the device.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ge D60 Line Distance Relay Firmware | <=7.11 | |
| Ge Multilin D60 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-5473?
CVE-2018-5473 is rated as a high-severity vulnerability due to the potential for remote code execution.
How do I fix CVE-2018-5473?
To fix CVE-2018-5473, upgrade the firmware of GE D60 Line Distance Relay devices to a version later than 7.11.
What types of devices are affected by CVE-2018-5473?
CVE-2018-5473 affects GE D60 Line Distance Relay devices running firmware version 7.11 and earlier.
Can CVE-2018-5473 be exploited remotely?
Yes, CVE-2018-5473 can be exploited remotely through vulnerable SSH functions.
What are the impacts of CVE-2018-5473?
CVE-2018-5473 may allow a remote attacker to execute arbitrary code and compromise the affected device's functionality.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ge
- canonical/ge d60 line distance relay firmware
- version/ge d60 line distance relay firmware/7.11
- canonical/ge multilin d60