CVE-2018-1992
Severity Score
6.4
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The IBM Power 9 OP910, OP920, and FW910 boot firmware's bootloader is responsible for loading and validating the initial boot firmware image that drives the rest of the system's hardware initialization. The bootloader firmware contains a buffer overflow vulnerability such that, if an attacker were able to replace the initial boot firmware image with a very carefully crafted and sufficiently large, malicious replacement, it could cause the bootloader, during the load of that image, to overwrite its own instruction memory and circumvent secure boot protections, install trojans, etc. IBM X-Force ID: 154345.
El bootloader del firmware de arranque de IBM Power 9 OP910, OP920 y FW910 es responsable de cargar y validar la imagen de firmware de arranque inicial que inicializa el resto del hardware del sistema. El firmware del bootloader contiene una vulnerabilidad de desbordamiento de búfer por la que, si un atacante pudiese reemplazar la imagen de firmware de arranque inicial por un reemplazo cuidadosamente manipulado y lo suficientemente grande, podría provocar que el bootloader sobrescriba su propia memoria de instrucción durante la carga de dicha imagen y omita las protecciones de arranque seguras, instale troyanos, etc. IBM X-Force ID: 154345.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2017-12-13 CVE Reserved
- 2019-03-21 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (2)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/154345 | 2019-10-09 | |
| https://www.ibm.com/support/docview.wss?uid=ibm10868992 | 2019-10-09 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ibm Search vendor "Ibm" | Power System S922 \(9009-22a\) Firmware Search vendor "Ibm" for product "Power System S922 \(9009-22a\) Firmware" | < fw910.10 Search vendor "Ibm" for product "Power System S922 \(9009-22a\) Firmware" and version " < fw910.10" | - |
Affected
| in | Ibm Search vendor "Ibm" | Power System S922 \(9009-22a\) Search vendor "Ibm" for product "Power System S922 \(9009-22a\)" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | Power System H922 \(9223-22h\) Firmware Search vendor "Ibm" for product "Power System H922 \(9223-22h\) Firmware" | < fw910.10 Search vendor "Ibm" for product "Power System H922 \(9223-22h\) Firmware" and version " < fw910.10" | - |
Affected
| in | Ibm Search vendor "Ibm" | Power System H922 \(9223-22h\) Search vendor "Ibm" for product "Power System H922 \(9223-22h\)" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | Power System S914 \(9009-41a\) Firmware Search vendor "Ibm" for product "Power System S914 \(9009-41a\) Firmware" | < fw910.10 Search vendor "Ibm" for product "Power System S914 \(9009-41a\) Firmware" and version " < fw910.10" | - |
Affected
| in | Ibm Search vendor "Ibm" | Power System S914 \(9009-41a\) Search vendor "Ibm" for product "Power System S914 \(9009-41a\)" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | Power System S924 \(9009-42a\) Firmware Search vendor "Ibm" for product "Power System S924 \(9009-42a\) Firmware" | < fw910.10 Search vendor "Ibm" for product "Power System S924 \(9009-42a\) Firmware" and version " < fw910.10" | - |
Affected
| in | Ibm Search vendor "Ibm" | Power System S924 \(9009-42a\) Search vendor "Ibm" for product "Power System S924 \(9009-42a\)" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | Power System H924 \(9223-42h\) Firmware Search vendor "Ibm" for product "Power System H924 \(9223-42h\) Firmware" | < fw910.10 Search vendor "Ibm" for product "Power System H924 \(9223-42h\) Firmware" and version " < fw910.10" | - |
Affected
| in | Ibm Search vendor "Ibm" | Power System H924 \(9223-42h\) Search vendor "Ibm" for product "Power System H924 \(9223-42h\)" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | Power System L922 \(9008-22l\) Firmware Search vendor "Ibm" for product "Power System L922 \(9008-22l\) Firmware" | < fw910.10 Search vendor "Ibm" for product "Power System L922 \(9008-22l\) Firmware" and version " < fw910.10" | - |
Affected
| in | Ibm Search vendor "Ibm" | Power System L922 \(9008-22l\) Search vendor "Ibm" for product "Power System L922 \(9008-22l\)" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | Power System Ac922 \(8335-gtg\) Firmware Search vendor "Ibm" for product "Power System Ac922 \(8335-gtg\) Firmware" | < op910.30 Search vendor "Ibm" for product "Power System Ac922 \(8335-gtg\) Firmware" and version " < op910.30" | - |
Affected
| in | Ibm Search vendor "Ibm" | Power System Ac922 \(8335-gtg\) Search vendor "Ibm" for product "Power System Ac922 \(8335-gtg\)" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | Power System Ac922 \(8335-gth\) Firmware Search vendor "Ibm" for product "Power System Ac922 \(8335-gth\) Firmware" | < op920.10 Search vendor "Ibm" for product "Power System Ac922 \(8335-gth\) Firmware" and version " < op920.10" | - |
Affected
| in | Ibm Search vendor "Ibm" | Power System Ac922 \(8335-gth\) Search vendor "Ibm" for product "Power System Ac922 \(8335-gth\)" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | Power System Ac922 \(8335-gtx\) Firmware Search vendor "Ibm" for product "Power System Ac922 \(8335-gtx\) Firmware" | < op920.10 Search vendor "Ibm" for product "Power System Ac922 \(8335-gtx\) Firmware" and version " < op920.10" | - |
Affected
| in | Ibm Search vendor "Ibm" | Power System Ac922 \(8335-gtx\) Search vendor "Ibm" for product "Power System Ac922 \(8335-gtx\)" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | Power System Lc921 \(9006-12p\) Firmware Search vendor "Ibm" for product "Power System Lc921 \(9006-12p\) Firmware" | < op920.10 Search vendor "Ibm" for product "Power System Lc921 \(9006-12p\) Firmware" and version " < op920.10" | - |
Affected
| in | Ibm Search vendor "Ibm" | Power System Lc921 \(9006-12p\) Search vendor "Ibm" for product "Power System Lc921 \(9006-12p\)" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | Power System Lc922 \(9006-22p\) Firmware Search vendor "Ibm" for product "Power System Lc922 \(9006-22p\) Firmware" | < op920.10 Search vendor "Ibm" for product "Power System Lc922 \(9006-22p\) Firmware" and version " < op920.10" | - |
Affected
| in | Ibm Search vendor "Ibm" | Power System Lc922 \(9006-22p\) Search vendor "Ibm" for product "Power System Lc922 \(9006-22p\)" | - | - |
Safe
|