CVE-2018-10630
Crestron Multiple Products CTP Console Incorrect Default Permissions Remote Code Execution Vulnerability
Severity Score
9.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
For Crestron TSW-X60 version prior to 2.001.0037.001 and MC3 version prior to 1.502.0047.001, The devices are shipped with authentication disabled, and there is no indication to users that they need to take steps to enable it. When compromised, the access to the CTP console is left open.
Para las versiones anteriores a la 2.001.0037.001 de Crestron TSW-X60 y las versiones anteriores a la 1.502.0047.001 de MC3, los dispositivos se distribuyen con la autenticación deshabilitada y no existen indicaciones de que los usuarios deban tomar medidas para habilitada. Al estar comprometidos, el acceso a la consola CTP se deja abierto.
This vulnerability allows remote attackers to execute execute arbitrary code on vulnerable installations of Crestron products. Authentication is not required to exploit this vulnerability.
The specific flaw exists due to authentication being disabled by default on all Crestron devices. An attacker can leverage this vulnerability to execute code under the context of Administrator.
*Credits:
Ricky "HeadlessZeke" Lawshae
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-05-01 CVE Reserved
- 2018-08-10 CVE Published
- 2024-01-01 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-284: Improper Access Control
- CWE-287: Improper Authentication
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/105051 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-18-221-01 | 2019-10-09 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Crestron Search vendor "Crestron" | Tsw-x60 Firmware Search vendor "Crestron" for product "Tsw-x60 Firmware" | < 2.001.0037.001 Search vendor "Crestron" for product "Tsw-x60 Firmware" and version " < 2.001.0037.001" | - |
Affected
| in | Crestron Search vendor "Crestron" | Tsw-1060-b-s Search vendor "Crestron" for product "Tsw-1060-b-s" | - | - |
Safe
|
| Crestron Search vendor "Crestron" | Tsw-x60 Firmware Search vendor "Crestron" for product "Tsw-x60 Firmware" | < 2.001.0037.001 Search vendor "Crestron" for product "Tsw-x60 Firmware" and version " < 2.001.0037.001" | - |
Affected
| in | Crestron Search vendor "Crestron" | Tsw-1060-nc-b-s Search vendor "Crestron" for product "Tsw-1060-nc-b-s" | - | - |
Safe
|
| Crestron Search vendor "Crestron" | Tsw-x60 Firmware Search vendor "Crestron" for product "Tsw-x60 Firmware" | < 2.001.0037.001 Search vendor "Crestron" for product "Tsw-x60 Firmware" and version " < 2.001.0037.001" | - |
Affected
| in | Crestron Search vendor "Crestron" | Tsw-1060-nc-w-s Search vendor "Crestron" for product "Tsw-1060-nc-w-s" | - | - |
Safe
|
| Crestron Search vendor "Crestron" | Tsw-x60 Firmware Search vendor "Crestron" for product "Tsw-x60 Firmware" | < 2.001.0037.001 Search vendor "Crestron" for product "Tsw-x60 Firmware" and version " < 2.001.0037.001" | - |
Affected
| in | Crestron Search vendor "Crestron" | Tsw-1060-w-s Search vendor "Crestron" for product "Tsw-1060-w-s" | - | - |
Safe
|
| Crestron Search vendor "Crestron" | Tsw-x60 Firmware Search vendor "Crestron" for product "Tsw-x60 Firmware" | < 2.001.0037.001 Search vendor "Crestron" for product "Tsw-x60 Firmware" and version " < 2.001.0037.001" | - |
Affected
| in | Crestron Search vendor "Crestron" | Tsw-560-b-s Search vendor "Crestron" for product "Tsw-560-b-s" | - | - |
Safe
|
| Crestron Search vendor "Crestron" | Tsw-x60 Firmware Search vendor "Crestron" for product "Tsw-x60 Firmware" | < 2.001.0037.001 Search vendor "Crestron" for product "Tsw-x60 Firmware" and version " < 2.001.0037.001" | - |
Affected
| in | Crestron Search vendor "Crestron" | Tsw-560-nc-b-s Search vendor "Crestron" for product "Tsw-560-nc-b-s" | - | - |
Safe
|
| Crestron Search vendor "Crestron" | Tsw-x60 Firmware Search vendor "Crestron" for product "Tsw-x60 Firmware" | < 2.001.0037.001 Search vendor "Crestron" for product "Tsw-x60 Firmware" and version " < 2.001.0037.001" | - |
Affected
| in | Crestron Search vendor "Crestron" | Tsw-560-nc-w-s Search vendor "Crestron" for product "Tsw-560-nc-w-s" | - | - |
Safe
|
| Crestron Search vendor "Crestron" | Tsw-x60 Firmware Search vendor "Crestron" for product "Tsw-x60 Firmware" | < 2.001.0037.001 Search vendor "Crestron" for product "Tsw-x60 Firmware" and version " < 2.001.0037.001" | - |
Affected
| in | Crestron Search vendor "Crestron" | Tsw-560-w-s Search vendor "Crestron" for product "Tsw-560-w-s" | - | - |
Safe
|
| Crestron Search vendor "Crestron" | Tsw-x60 Firmware Search vendor "Crestron" for product "Tsw-x60 Firmware" | < 2.001.0037.001 Search vendor "Crestron" for product "Tsw-x60 Firmware" and version " < 2.001.0037.001" | - |
Affected
| in | Crestron Search vendor "Crestron" | Tsw-760-b-s Search vendor "Crestron" for product "Tsw-760-b-s" | - | - |
Safe
|
| Crestron Search vendor "Crestron" | Tsw-x60 Firmware Search vendor "Crestron" for product "Tsw-x60 Firmware" | < 2.001.0037.001 Search vendor "Crestron" for product "Tsw-x60 Firmware" and version " < 2.001.0037.001" | - |
Affected
| in | Crestron Search vendor "Crestron" | Tsw-760-nc-b-s Search vendor "Crestron" for product "Tsw-760-nc-b-s" | - | - |
Safe
|
| Crestron Search vendor "Crestron" | Tsw-x60 Firmware Search vendor "Crestron" for product "Tsw-x60 Firmware" | < 2.001.0037.001 Search vendor "Crestron" for product "Tsw-x60 Firmware" and version " < 2.001.0037.001" | - |
Affected
| in | Crestron Search vendor "Crestron" | Tsw-760-nc-w-s Search vendor "Crestron" for product "Tsw-760-nc-w-s" | - | - |
Safe
|
| Crestron Search vendor "Crestron" | Tsw-x60 Firmware Search vendor "Crestron" for product "Tsw-x60 Firmware" | < 2.001.0037.001 Search vendor "Crestron" for product "Tsw-x60 Firmware" and version " < 2.001.0037.001" | - |
Affected
| in | Crestron Search vendor "Crestron" | Tsw-760-w-s Search vendor "Crestron" for product "Tsw-760-w-s" | - | - |
Safe
|
| Crestron Search vendor "Crestron" | Mc3 Firmware Search vendor "Crestron" for product "Mc3 Firmware" | < 1.502.0047.001 Search vendor "Crestron" for product "Mc3 Firmware" and version " < 1.502.0047.001" | - |
Affected
| in | Crestron Search vendor "Crestron" | Mc3 Search vendor "Crestron" for product "Mc3" | - | - |
Safe
|