CVE-2018-7829

Published: May 22, 2019Modified: Nov 21, 2024

8.8

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

An Improper Neutralization of Special Elements in Query vulnerability exists in the 1st Gen. Pelco Sarix Enhanced Camera and Spectra Enhanced PTZ Camera which allows an attacker to execute arbitrary system commands.

Affected (59)

59 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric D6220 Firmware	From 2.11

Running on/with	Platform Versions
Schneider Electric D6220	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric D6220l Firmware	From 2.11

Running on/with	Platform Versions
Schneider Electric D6220l	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric D6230 Firmware	From 2.11

Running on/with	Platform Versions
Schneider Electric D6230	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric D6230l Firmware	From 2.11

Running on/with	Platform Versions
Schneider Electric D6230l	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Imes19 1i Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Imes19 1i	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Imes19 1s Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Imes19 1s	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Imes19 1p Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Imes19 1p	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime119 1i Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime119 1i	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime119 1s Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime119 1s	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime119 1p Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime119 1p	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime219 1i Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime219 1i	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime219 1s Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime219 1s	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime219 1p Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime219 1p	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime319 1i Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime319 1i	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime319 1s Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime319 1s	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime319 1p Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime319 1p	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime319 B1i Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime319 B1i	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime319 B1s Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime319 B1s	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime319 B1p Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime319 B1p	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime3122 1i Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime3122 1i	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime3122 B1i Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime3122 B1i	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime3122 1s Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime3122 1s	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime3122 B1s Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime3122 B1s	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime3122 1p Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime3122 1p	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime3122 B1p Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime3122 B1p	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Imes19 1ei Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Imes19 1ei	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Imes19 1es Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Imes19 1es	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Imes19 1ep Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Imes19 1ep	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime119 1ei Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime119 1ei	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime119 1es Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime119 1es	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime119 1ep Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime119 1ep	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime219 1ei Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime219 1ei	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime219 1es Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime219 1es	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime219 1ep Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime219 1ep	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime319 1ei Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime319 1ei	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime319 1es Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime319 1es	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime319 1ep Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime319 1ep	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime3122 1ei Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime3122 1ei	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime3122 1es Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime3122 1es	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime3122 1ep Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime3122 1ep	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Imes19 1vi Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Imes19 1vi	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Imes19 1vs Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Imes19 1vs	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Imes19 1vp Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Imes19 1vp	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime119 1vi Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime119 1vi	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime119 1vs Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime119 1vs	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime119 1vp Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime119 1vp	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime219 1vi Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime219 1vi	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime219 1vs Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime219 1vs	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime219 1vp Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime219 1vp	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime319 1vi Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime319 1vi	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime319 1vs Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime319 1vs	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime319 1vp Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime319 1vp	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime3122 1vi Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime3122 1vi	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime3122 1vs Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime3122 1vs	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ime3122 1vp Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ime3122 1vp	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ixes1 Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ixes1	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ixe11 Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ixe11	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ixe21 Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ixe21	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Ixe31 Firmware	Before 2.2.3.0

Running on/with	Platform Versions
Schneider Electric Ixe31	All versions

Related CWEs

CWE-943

Improper Neutralization of Special Elements in Data Query Logic

The product generates a query intended to access or manipulate data in a data store such as a database, but it does not neutralize or incorrectly neutralizes special elements that can modify the intended logic of the query.

References (2)

https://www.schneider-electric.com/en/download/document/SEVD-2019-045-03/

Source: cybersecurity@se.com

MitigationVendor Advisory

https://www.schneider-electric.com/en/download/document/SEVD-2019-045-03/

Source: af854a3a-2127-422b-91ae-364da2661108

MitigationVendor Advisory

Timeline

No history available yet.