{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-25T17:27:27.854","vulnerabilities":[{"cve":{"id":"CVE-2018-19023","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2019-01-25T20:29:00.330","lastModified":"2024-11-21T03:57:11.103","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Hetronic Nova-M prior to verson r161 uses fixed codes that are reproducible by sniffing and re-transmission. This can lead to unauthorized replay of a command, spoofing of an arbitrary message, or keeping the controlled load in a permanent \"stop\" state."},{"lang":"es","value":"Hetronic Nova-M, en versiones anteriores a la r161, emplea códigos fijos que pueden reproducirse mediante el rastreo y la retransmisión. Esto puede conducir a la reproducción no autorizada de un comando, la suplantación de un mensaje arbitrario o al mantenimiento de la carga controlada en un estado de parada permanente."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:A/AC:L/Au:N/C:P/I:P/A:P","baseScore":5.8,"accessVector":"ADJACENT_NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":6.5,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-294"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hetronic:nova-m_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"r161","matchCriteriaId":"1A445383-F447-497B-8AC6-60B795F19686"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hetronic:nova-m:-:*:*:*:*:*:*:*","matchCriteriaId":"6EF7F3AA-0E94-4E0C-9640-3DB565A334C5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hetronic:es-can-hl_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"main_r1864","matchCriteriaId":"8175E41A-4B7C-43B5-A47D-EF0C1DD9E795"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hetronic:es-can-hl:-:*:*:*:*:*:*:*","matchCriteriaId":"7720655C-8D6B-4844-A882-FB9700BBC376"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hetronic:bms-hl_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"main_r1175","matchCriteriaId":"315F1990-69CF-4BA5-8B6A-C4DF6BE0E5E7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hetronic:bms-hl:-:*:*:*:*:*:*:*","matchCriteriaId":"8588B38E-25D9-4C28-B99F-CA0A1C4A7E70"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hetronic:mlc_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"main_r1600","matchCriteriaId":"97F85EC8-E927-4D41-92F7-51DC3C8FF72F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hetronic:mlc:-:*:*:*:*:*:*:*","matchCriteriaId":"96D1E7A8-31C7-40CE-B114-E1336EFFA27C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hetronic:dc_mobile_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"main_r515","matchCriteriaId":"12945B5F-FF44-4B42-9FDE-98034B9342F1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hetronic:dc_mobile:-:*:*:*:*:*:*:*","matchCriteriaId":"7D52574C-9899-4395-BDAC-DB3819067719"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/106448","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://ics-cert.us-cert.gov/advisories/ICSA-19-003-03","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","US Government Resource"]},{"url":"http://www.securityfocus.com/bid/106448","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://ics-cert.us-cert.gov/advisories/ICSA-19-003-03","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}]}}]}