CVE-2017-9645

Published Sep 20, 2017

Last updated 5 years ago

CVSS medium 6.5

Overview

Description: An Inadequate Encryption Strength issue was discovered in Mirion Technologies DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX and variants (including RSD31-AM Package), DRM-1/2 and variants (including Solar PWR Package), DRM and RDS Based Boundary Monitors, External Transmitters, Telepole II, and MESH Repeater (Telemetry Enabled Devices). Decryption of data is possible at the hardware level.
Source: ics-cert@hq.dhs.gov
NVD status: Modified

Risk scores

CVSS 3.0

Type: Primary
Base score: 6.5
Impact score: 3.6
Exploitability score: 2.8
Vector string: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 3.3
Impact score: 2.9
Exploitability score: 6.5
Vector string: AV:A/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-326
ics-cert@hq.dhs.gov: CWE-326

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:mirion:dmc_3000_transmitter_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3F68D607-4774-45A7-A3CC-D93EE51C5169"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mirion:dmc_3000_transmitter:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "81D95AAD-66AD-4FCE-A0C2-4C086FF08FEF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:mirion:ipam_transmitter_f\\/dmc_2000_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28D590D7-E680-4251-8BBB-20E842026F91"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mirion:ipam_transmitter_f\\/dmc_2000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "180D4F01-B15D-4FB7-8808-84E731444C2F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:mirion:rds-31_itx_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "08274BFB-DB85-458D-9FDE-31C3EDCE614B"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mirion:rds-31_itx:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5CB79C5C-5F12-4799-AB24-539270E5F40C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:mirion:drm-1\\/2_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09D16832-0B56-4278-81F2-346F68AA4CF2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mirion:drm-1\\/2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "568972B1-2B1F-4929-A1D1-B8E1779F3B0D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:mirion:drm-2_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "090843E3-BBEA-42C2-A4A7-00510FB1CD4B"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mirion:drm-2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "83CF0450-2B8D-4FCE-B50C-422B21D21143"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:mirion:rds-31_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D7F64F40-FBF8-4524-AF53-B6563F4C89DE"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mirion:rds-31:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0DDBBE39-6EBD-4880-B3FE-56AB8EB08AEE"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:mirion:telepole_2_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A44C2C06-1312-43BD-8768-4824BF6EC55E"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mirion:telepole_2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4CAB081C-73B8-49C2-BE47-56CED7CE4FC0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:mirion:wrm2_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "68B7F948-3A2C-4170-B95F-0FE9AAD7EF90"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mirion:wrm2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "49137D8C-510F-4FCA-8F48-C63EEB1FB7B3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References