CVE-2018-11058

9.8 CRITICAL

📋 TL;DR

A buffer over-read in the ASN.1 parser of the RSA BSAFE cryptographic libraries lets a remote attacker who can supply ASN.1-encoded input (for example a DER-encoded X.509 certificate presented to a TLS endpoint) make the library read past the end of the buffer that holds it. Affected: RSA BSAFE Micro Edition Suite before 4.0.11 (4.0.x) and before 4.1.6 (4.1.x), and RSA BSAFE Crypto-C Micro Edition before 4.0.5.3 (4.0.x). Any application that links these versions and parses untrusted ASN.1 with them is exposed, whether or not it is a security product itself.

💻 Affected Systems

Products:
  • RSA BSAFE Micro Edition Suite
  • RSA BSAFE Crypto-C Micro Edition
Versions: RSA BSAFE Micro Edition Suite: versions prior to 4.0.11 (4.0.x) and prior to 4.1.6 (4.1.x); RSA BSAFE Crypto-C Micro Edition: versions prior to 4.0.5.3 (4.0.x)
Operating Systems: All operating systems using affected libraries
Default Config Vulnerable: ⚠️ Yes
Notes: Affects any application or system that uses these cryptographic libraries for ASN.1 parsing, including embedded systems and IoT devices.

📦 What is this software?

RSA BSAFE is a family of commercial cryptographic toolkits from RSA Security. Crypto-C Micro Edition (Crypto-C ME) is the core C library of cryptographic primitives; Micro Edition Suite (MES) builds TLS and PKI (X.509 certificate) support on top of it. Both are SDKs: the code ships compiled into other vendors' products rather than as a package you install separately, which is why the affected population is hard to enumerate.

⚠️ Risk & Real-World Impact

🔴

Worst Case

The bug is a read past the end of a buffer, not a write, so by itself it neither corrupts memory nor yields code execution. The worst realistic outcome is disclosure of whatever sits beyond the buffer in the process's address space (inside a cryptographic library that can include key material, plaintext or session state), combined with a crash of the process when the read reaches an unmapped page. Full system compromise would require chaining this with a separate write or logic flaw. Treat the 9.8 rating as reflecting the unauthenticated, network-reachable attack vector against security-critical code, not a demonstrated code-execution path.

🟠

Likely Case

Information disclosure of adjacent process memory, and denial of service through application crashes. Code execution is not a direct consequence of an over-read and should not be assumed.

🟢

If Mitigated

A crash stays confined to the sandboxed process, and attackers outside the network segment cannot reach the parser at all. Note that sandboxing and memory-protection mechanisms (ASLR, NX) do not stop an over-read from disclosing data already inside the vulnerable process, so keys handled by that process remain exposed until the library is patched.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires delivering specially crafted ASN.1 data to a code path that parses it with the vulnerable library (no authentication is needed if that path is a public TLS or message endpoint). No public exploit code for this CVE is documented here.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: RSA BSAFE Micro Edition Suite: 4.0.11 or 4.1.6; RSA BSAFE Crypto-C Micro Edition: 4.0.5.3

Vendor Advisory: https://www.oracle.com/security-alerts/cpuapr2020.html (Oracle is a downstream consumer that bundles RSA BSAFE in several of its products; this Critical Patch Update lists the Oracle products patched for this CVE. RSA's own advisory for the library is not listed on this page.)

Restart Required: Yes

Instructions:

1. Identify every application that embeds an affected RSA BSAFE library. BSAFE is an SDK shipped inside other vendors' products (statically linked or as a bundled shared object), so an OS package search alone will miss it; check each application's third-party component list or its vendor's advisory.
2. Obtain the fixed library from RSA if you build against the SDK yourself, or the patched product release from the application vendor (the Oracle Critical Patch Update linked above lists Oracle's affected products) if BSAFE is embedded.
3. Apply the update as the vendor documents it.
4. Restart every service that had the old library loaded; a replaced shared object stays mapped in running processes until they restart.
5. Verify the version actually loaded by the running process, not only the file on disk (see How to Verify below).

🔧 Temporary Workarounds

Network Filtering

all

Filtering "ASN.1 data" at a firewall is not practical: DER-encoded ASN.1 is the wire format of X.509 certificates, CRLs and PKCS/CMS objects, so blocking it means blocking TLS. What a network boundary can do is restrict who may reach the services that hand such objects to the vulnerable parser: allow-list peers on endpoints that accept client certificates or signed messages, and terminate TLS from untrusted clients on a patched proxy in front of the vulnerable application so the attacker's certificate never reaches it.

Application Sandboxing

all

Run the application that embeds the library in a restricted environment (container, seccomp or AppArmor profile, minimal privileges, dedicated service account) so that a crash or a leaked pointer cannot be turned into broader access. This limits the blast radius only; it does not prevent the over-read from disclosing data already inside the same process.

🧯 If You Can't Patch

  • Isolate affected systems in segmented network zones with strict access controls.
  • Put strict input validation in front of the library: check that every ASN.1 element's encoded length fits within the bytes actually received, and reject non-DER encodings, before the data reaches the vulnerable parser.
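The validation bullet above is the one mitigation an application owner can build rather than buy, so here is what it looks like in practice. The C program below is an added example written for this page; it is not RSA BSAFE code and does not reproduce the library's actual code path, which is not public here. It shows the general length-trust bug behind an ASN.1 parsing over-read (a parser walks to the offset the encoded length claims, even when that is far past the buffer) next to a strict DER pre-validator that rejects such input at every nesting level. The function names and the sample byte strings are this example's own; the inputs are constructed, not captured from any product.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* One decoded DER tag-length header (single-octet tags only, which covers
 * everything in X.509). val_len is whatever the encoding claims; it has NOT
 * been checked against the bytes actually present. */
typedef struct {
    uint8_t tag;
    size_t  hdr_len;   /* octets used by tag + length */
    size_t  val_len;   /* value length as encoded */
} der_hdr;

/* Decode tag and length from buf[0..n). Returns 1 on success, 0 if the header
 * itself is truncated, uses indefinite length (BER only), or is non-minimal
 * (forbidden in DER). Checking that val_len fits is the caller's job. */
static int der_read_hdr(const uint8_t *buf, size_t n, der_hdr *h)
{
    if (n < 2 || (buf[0] & 0x1f) == 0x1f)    /* need tag+length; no multi-octet tags */
        return 0;
    h->tag = buf[0];
    if (buf[1] < 0x80) {                      /* short form: one length octet */
        h->hdr_len = 2;
        h->val_len = buf[1];
        return 1;
    }
    size_t nlen = buf[1] & 0x7f;              /* long form: number of length octets */
    if (nlen == 0 || nlen > sizeof(size_t) || n < 2 + nlen)
        return 0;                             /* indefinite, absurd, or truncated length */
    size_t v = 0;
    for (size_t i = 0; i < nlen; i++)
        v = (v << 8) | buf[2 + i];
    if (v < 0x80 || buf[2] == 0)              /* DER: shortest encoding, no leading zero */
        return 0;
    h->hdr_len = 2 + nlen;
    h->val_len = v;
    return 1;
}

/* The over-read pattern: a parser that trusts the header walks the value up to
 * this offset, which may lie far beyond the n bytes that exist. This function
 * only computes the offset; it never dereferences it. */
static size_t naive_value_end(const uint8_t *buf, size_t n)
{
    der_hdr h;
    return der_read_hdr(buf, n, &h) ? h.hdr_len + h.val_len : 0;
}

/* How many bytes past the end of the buffer a trusting parser would read. */
static size_t naive_over_read(const uint8_t *buf, size_t n)
{
    size_t end = naive_value_end(buf, n);
    return end > n ? end - n : 0;
}

/* Hardened validator: every TLV at every nesting level must fit inside the
 * bytes actually received, and constructed elements must be exactly filled.
 * Returns 1 if buf[0..n) is a well-formed run of DER elements, else 0. */
static int der_validate(const uint8_t *buf, size_t n, int depth)
{
    if (depth > 32)                           /* bound recursion: deep nesting is its own DoS */
        return 0;
    size_t off = 0;
    while (off < n) {
        der_hdr h;
        if (!der_read_hdr(buf + off, n - off, &h))
            return 0;
        /* The check a trusting parser lacks. der_read_hdr guarantees
         * n - off >= hdr_len, so the subtraction cannot wrap. */
        if (h.val_len > n - off - h.hdr_len)
            return 0;
        if ((h.tag & 0x20) &&                 /* constructed: validate the contents too */
            !der_validate(buf + off + h.hdr_len, h.val_len, depth + 1))
            return 0;
        off += h.hdr_len + h.val_len;
    }
    return off == n;
}

/* Constructed sample inputs for this example (not captured from any product). */
static const uint8_t DER_GOOD[] =        /* SEQUENCE { INTEGER 5, OCTET STRING "ab" } */
    {0x30, 0x07, 0x02, 0x01, 0x05, 0x04, 0x02, 0x61, 0x62};
static const uint8_t DER_OVERSIZED[] =   /* SEQUENCE claiming 4096 value bytes, 3 present */
    {0x30, 0x82, 0x10, 0x00, 0x02, 0x01, 0x05};
static const uint8_t DER_NESTED_BAD[] =  /* outer fits; inner SEQUENCE claims 16 of 3 bytes */
    {0x30, 0x05, 0x30, 0x10, 0x02, 0x01, 0x05};
static const uint8_t DER_NONMINIMAL[] =  /* length 5 written in long form: BER, not DER */
    {0x30, 0x81, 0x05, 0x02, 0x01, 0x05, 0x04, 0x00};

int main(void)
{
    printf("good:        valid=%d over-read=%zu bytes\n",
           der_validate(DER_GOOD, sizeof DER_GOOD, 0),
           naive_over_read(DER_GOOD, sizeof DER_GOOD));
    printf("oversized:   valid=%d over-read=%zu bytes\n",
           der_validate(DER_OVERSIZED, sizeof DER_OVERSIZED, 0),
           naive_over_read(DER_OVERSIZED, sizeof DER_OVERSIZED));
    printf("nested bad:  valid=%d\n", der_validate(DER_NESTED_BAD, sizeof DER_NESTED_BAD, 0));
    printf("non-minimal: valid=%d\n", der_validate(DER_NONMINIMAL, sizeof DER_NONMINIMAL, 0));
    return 0;
}
```

The oversized sample is the shape of the bug: a 7-byte message whose header promises 4096 bytes of value, so a parser that trusts the length reads 4093 bytes it was never given. Run the validator on the raw bytes before they are handed to the library, and reject on any 0; the nested sample shows why the check must recurse into constructed types rather than inspect only the outermost element.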

🔍 How to Verify

Check if Vulnerable:

Check library versions in use: For RSA BSAFE Micro Edition Suite, verify version is below 4.0.11 (4.0.x) or 4.1.6 (4.1.x); for RSA BSAFE Crypto-C Micro Edition, verify version is below 4.0.5.3 (4.0.x).

Check Version:

RSA BSAFE is rarely a separately installed package; it is usually bundled inside a product. Check the embedding application's release notes, third-party component list or vendor advisory for the BSAFE version it ships, and confirm the version of the library actually loaded by the running process rather than only the file on disk. Specific commands vary by platform and integration.

Verify Fix Applied:

Confirm library versions are updated to: RSA BSAFE Micro Edition Suite 4.0.11+ or 4.1.6+; RSA BSAFE Crypto-C Micro Edition 4.0.5.3+.

📡 Detection & Monitoring

Log Indicators:

  • Application crashes or abnormal termination (segmentation faults, access-violation exceptions, core dumps) in processes that link BSAFE, for example during TLS handshakes or certificate and signature processing
  • Memory access violation errors in system logs (kernel segfault messages, Windows Error Reporting events) attributed to those processes
  • Repeated handshake or parse failures from a single source in application logs, which is what a probing attacker looks like before a successful over-read

Network Indicators:

  • Oversized or malformed DER structures (for example certificates whose encoded lengths do not match the bytes actually sent) arriving at endpoints backed by RSA BSAFE
  • Unexpected outbound data transfers following cryptographic processing, which could indicate leaked memory contents being exfiltrated

SIEM Query:

Search for: 'RSA BSAFE' AND ('crash' OR 'memory violation' OR 'segfault' OR 'access violation') in application logs, scoped to the processes known to embed the library; monitor for spikes in connection or handshake-failure counts on the TLS and other listener ports of BSAFE-based services. Note that "buffer over-read" is the vulnerability class, not a string any log produces; search on the crash symptoms instead.
