VDB
CVE-2017-12820
CVE-2017-12820
PUBLISHED
CVSS 7.5 HIGH
Arbitrary memory read from controlled memory pointer in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to remote denial of service.
EPSS 0.88% · 75.7th percentile
Risk Scores
CVSS 3.0
7.5
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.88%
75.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| sentinel | sentinel_ldk_rte_firmware | 0 |
| Gemalto | Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE | 7.55 |
Exploit Intelligence
- https://ics-cert.kaspersky.com/advisories/klcert-advisories/2017/10/02/klcert-17-006-sentinel-ldk-rte-arbitrary-memory-read-from-controlled-memory-pointer-leads-to-remote-denial-of-service/ (circl)
- https://ics-cert.us-cert.gov/advisories/ICSA-18-093-01 (circl)
- https://cert-portal.siemens.com/productcert/pdf/ssa-727467.pdf (circl)
- 102906 (circl)
Timeline
- Aug 14, 2017 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 28, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-727467.pdf advisory
- https://ics-cert.kaspersky.com/advisories/klcert-advisories/2017/10/02/klcert-17-006-sentinel-ldk-rte-arbitrary-memory-read-from-controlled-memory-pointer-leads-to-remote-denial-of-service/ url
- https://ics-cert.us-cert.gov/advisories/ICSA-18-093-01 url
- 102906 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2017-12820 advisory
- https://ics-cert.kaspersky.com/advisories/klcert-advisories/2017/10/02/klcert-17-006-sentinel-ldk-rte-arbitrary-memory-read-from-controlled-memory-pointer-leads-to-remote-denial-of-service url