CVE-2018-8847
Severity CVSS v4.0:
Pending analysis
Type:
CWE-121
Stack-based Buffer Overflow
Publication date:
13/07/2018
Last modified:
17/06/2026
Description
Eaton 9000X DriveA versions 2.0.29 and prior has a stack-based buffer overflow vulnerability, which may allow remote code execution.
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:eaton:9000x_firmware:*:*:*:*:*:*:*:* | 2.0.29 (including) | |
| cpe:2.3:h:eaton:9000x:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/Eaton_9000X_Drive.pdf
- http://www.securityfocus.com/bid/104736
- https://ics-cert.us-cert.gov/advisories/ICSA-18-193-01
- http://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/Eaton_9000X_Drive.pdf
- http://www.securityfocus.com/bid/104736
- https://ics-cert.us-cert.gov/advisories/ICSA-18-193-01



