CVE-2013-0108 : An ActiveX control in HscRemoteDeploy.dll in Honeywell Enterprise Buildings Integrator (EBI) R310, R400.2, R410.1, and R

An ActiveX control in HscRemoteDeploy.dll in Honeywell Enterprise Buildings Integrator (EBI) R310, R400.2, R410.1, and R410.2; SymmetrE R310, R410.1, and R410.2; ComfortPoint Open Manager (aka CPO-M) Station R100; and HMIWeb Browser client packages allows remote attackers to execute arbitrary code via a crafted HTML document.

Published 2013-02-24 11:48:21

Updated 2013-02-25 05:00:00

Source CERT/CC

View at NVD, CVE.org

Vulnerability category: Execute code

Exploit prediction scoring system (EPSS) score for CVE-2013-0108

Probability of exploitation activity in the next 30 days: 76.00%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 98 % EPSS Score History EPSS FAQ

Metasploit modules for CVE-2013-0108

Honeywell HSC Remote Deployer ActiveX Remote Code Execution

Disclosure Date: 2013-02-22

First seen: 2020-04-26

exploit/windows/browser/honeywell_hscremotedeploy_exec

This module exploits a vulnerability found in the Honeywell HSC Remote Deployer ActiveX. This control can be abused by using the LaunchInstaller() function to execute an arbitrary HTA from a remote location. This module has been tested successfully with the H

More information

CVSS scores for CVE-2013-0108

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P	8.6	6.4	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

CWE ids for CVE-2013-0108

CWE-94 Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2013-0108

http://ics-cert.us-cert.gov/pdf/ICSA-13-053-02.pdf

404 - File Not Found | CISA
US Government Resource

Products affected by CVE-2013-0108

Honeywell » Enterprise Buildings Integrator » Version: R400.2
cpe:2.3:a:honeywell:enterprise_buildings_integrator:r400.2:*:*:*:*:*:*:*
Matching versions
Honeywell » Enterprise Buildings Integrator » Version: R310
cpe:2.3:a:honeywell:enterprise_buildings_integrator:r310:*:*:*:*:*:*:*
Matching versions
Honeywell » Enterprise Buildings Integrator » Version: R410.1
cpe:2.3:a:honeywell:enterprise_buildings_integrator:r410.1:*:*:*:*:*:*:*
Matching versions
Honeywell » Enterprise Buildings Integrator » Version: R410.2
cpe:2.3:a:honeywell:enterprise_buildings_integrator:r410.2:*:*:*:*:*:*:*
Matching versions
Honeywell » Symmetre » Version: R410.1
cpe:2.3:a:honeywell:symmetre:r410.1:*:*:*:*:*:*:*
Matching versions
Honeywell » Symmetre » Version: R310
cpe:2.3:a:honeywell:symmetre:r310:*:*:*:*:*:*:*
Matching versions
Honeywell » Symmetre » Version: R400.2
cpe:2.3:a:honeywell:symmetre:r400.2:*:*:*:*:*:*:*
Matching versions
Honeywell » Comfortpoint Open Manager Station » Version: R100
cpe:2.3:a:honeywell:comfortpoint_open_manager_station:r100:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2013-0108