Vulnerabilites related to Progea - Movicon
CVE-2011-2963 (GCVE-0-2011-2963)
Vulnerability from cvelistv5
Published
2011-07-29 19:00
Modified
2024-09-16 23:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
TCPUploadServer.exe in Progea Movicon 11.2 before Build 1084 does not require authentication for critical functions, which allows remote attackers to obtain sensitive information, delete files, execute arbitrary programs, or cause a denial of service (crash) via a crafted packet to TCP port 10651.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/46907 | vdb-entry, x_refsource_BID | |
| http://www.us-cert.gov/control_systems/pdf/ICSA-11-056-01A.pdf | x_refsource_MISC | |
| http://www.us-cert.gov/control_systems/pdf/ICSA-11-056-01.pdf | x_refsource_MISC | |
| http://www.osvdb.org/72888 | vdb-entry, x_refsource_OSVDB | |
| http://www.exploit-db.com/exploits/17034 | exploit, x_refsource_EXPLOIT-DB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:15:32.035Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "46907",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46907"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-056-01A.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-056-01.pdf"
},
{
"name": "72888",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/72888"
},
{
"name": "17034",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/17034"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TCPUploadServer.exe in Progea Movicon 11.2 before Build 1084 does not require authentication for critical functions, which allows remote attackers to obtain sensitive information, delete files, execute arbitrary programs, or cause a denial of service (crash) via a crafted packet to TCP port 10651."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-07-29T19:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "46907",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46907"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-056-01A.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-056-01.pdf"
},
{
"name": "72888",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/72888"
},
{
"name": "17034",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/17034"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-2963",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TCPUploadServer.exe in Progea Movicon 11.2 before Build 1084 does not require authentication for critical functions, which allows remote attackers to obtain sensitive information, delete files, execute arbitrary programs, or cause a denial of service (crash) via a crafted packet to TCP port 10651."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "46907",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46907"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-056-01A.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-056-01A.pdf"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-056-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-056-01.pdf"
},
{
"name": "72888",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/72888"
},
{
"name": "17034",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/17034"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-2963",
"datePublished": "2011-07-29T19:00:00Z",
"dateReserved": "2011-07-29T00:00:00Z",
"dateUpdated": "2024-09-16T23:01:24.729Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1804 (GCVE-0-2012-1804)
Vulnerability from cvelistv5
Published
2012-05-14 20:00
Modified
2024-08-06 19:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The OPC server in Progea Movicon before 11.3 allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted HTTP request.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.us-cert.gov/control_systems/pdf/ICSA-12-131-01.pdf | x_refsource_MISC | |
| http://secunia.com/advisories/49092 | third-party-advisory, x_refsource_SECUNIA | |
| http://osvdb.org/81814 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/53484 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:08:38.508Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-131-01.pdf"
},
{
"name": "49092",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49092"
},
{
"name": "81814",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/81814"
},
{
"name": "53484",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/53484"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The OPC server in Progea Movicon before 11.3 allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted HTTP request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-05-30T09:00:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-131-01.pdf"
},
{
"name": "49092",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49092"
},
{
"name": "81814",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/81814"
},
{
"name": "53484",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/53484"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2012-1804",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The OPC server in Progea Movicon before 11.3 allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted HTTP request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-131-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-131-01.pdf"
},
{
"name": "49092",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49092"
},
{
"name": "81814",
"refsource": "OSVDB",
"url": "http://osvdb.org/81814"
},
{
"name": "53484",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53484"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2012-1804",
"datePublished": "2012-05-14T20:00:00",
"dateReserved": "2012-03-21T00:00:00",
"dateUpdated": "2024-08-06T19:08:38.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-0778 (GCVE-0-2014-0778)
Vulnerability from cvelistv5
Published
2014-04-19 19:00
Modified
2025-09-24 21:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
TCPUploader module listens on Port 10651/TCP for incoming connections.
Exploitation of this vulnerability could allow a remote unauthenticated
user access to release OS version information. While this is a minor
vulnerability, it represents a method for further network
reconnaissance.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:27:19.423Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-105-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Movicon",
"vendor": "Progea",
"versions": [
{
"lessThan": "Build 1150",
"status": "affected",
"version": "11.4",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "11.4.1150"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Celil \u00dcn\u00fcver of SignalSEC Ltd."
}
],
"datePublic": "2014-04-15T06:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "TCPUploader module listens on Port 10651/TCP for incoming connections. \nExploitation of this vulnerability could allow a remote unauthenticated \nuser access to release OS version information. While this is a minor \nvulnerability, it represents a method for further network \nreconnaissance."
}
],
"value": "TCPUploader module listens on Port 10651/TCP for incoming connections. \nExploitation of this vulnerability could allow a remote unauthenticated \nuser access to release OS version information. While this is a minor \nvulnerability, it represents a method for further network \nreconnaissance."
}
],
"metrics": [
{
"cvssV2_0": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-24T21:24:10.830Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-105-01"
},
{
"url": "http://www.progea.com/it-it/downloads/software.aspx"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eProgea has updated and fixed the vulnerability in Movicon Version \n11.4.1150. This is available as a download from the Progea Technical \nSupport site:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://www.progea.com/it-it/downloads/software.aspx\"\u003ehttp://www.progea.com/it-it/downloads/software.aspx\u003c/a\u003e\u0026nbsp;.\u003c/p\u003e\n\u003cp\u003eUsers will be required to register on the Progea web site to download this new version.\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Progea has updated and fixed the vulnerability in Movicon Version \n11.4.1150. This is available as a download from the Progea Technical \nSupport site:\u00a0 http://www.progea.com/it-it/downloads/software.aspx \u00a0.\n\n\nUsers will be required to register on the Progea web site to download this new version."
}
],
"source": {
"advisory": "ICSA-14-105-01",
"discovery": "EXTERNAL"
},
"title": "Progea Movicon SCADA Exposure of Sensitive Information to an Unauthorized Actor",
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2014-0778",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TCPUploader module in Progea Movicon 11.4 before 11.4.1150 allows remote attackers to obtain potentially sensitive version information via network traffic to TCP port 10651."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-105-01",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-105-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2014-0778",
"datePublished": "2014-04-19T19:00:00",
"dateReserved": "2014-01-02T00:00:00",
"dateUpdated": "2025-09-24T21:24:10.830Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-14017 (GCVE-0-2017-14017)
Vulnerability from cvelistv5
Published
2017-10-19 23:00
Modified
2024-08-05 19:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
An Uncontrolled Search Path Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An uncontrolled search path element vulnerability has been identified, which may allow a remote attacker without privileges to execute arbitrary code in the form of a malicious DLL file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/101483 | vdb-entry, x_refsource_BID | |
| https://ics-cert.us-cert.gov/advisories/ICSA-17-290-01 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Progea Movicon SCADA/HMI |
Version: Progea Movicon SCADA/HMI |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:13:41.696Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101483",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101483"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-290-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Progea Movicon SCADA/HMI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Progea Movicon SCADA/HMI"
}
]
}
],
"datePublic": "2017-10-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An Uncontrolled Search Path Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An uncontrolled search path element vulnerability has been identified, which may allow a remote attacker without privileges to execute arbitrary code in the form of a malicious DLL file."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-20T09:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "101483",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101483"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-290-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2017-14017",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Progea Movicon SCADA/HMI",
"version": {
"version_data": [
{
"version_value": "Progea Movicon SCADA/HMI"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Uncontrolled Search Path Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An uncontrolled search path element vulnerability has been identified, which may allow a remote attacker without privileges to execute arbitrary code in the form of a malicious DLL file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-427"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101483",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101483"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-290-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-290-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2017-14017",
"datePublished": "2017-10-19T23:00:00",
"dateReserved": "2017-08-30T00:00:00",
"dateUpdated": "2024-08-05T19:13:41.696Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-14019 (GCVE-0-2017-14019)
Vulnerability from cvelistv5
Published
2017-10-19 23:00
Modified
2024-08-05 19:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
An Unquoted Search Path or Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An unquoted search path or element vulnerability has been identified, which may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate his or her privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/101483 | vdb-entry, x_refsource_BID | |
| https://ics-cert.us-cert.gov/advisories/ICSA-17-290-01 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Progea Movicon SCADA/HMI |
Version: Progea Movicon SCADA/HMI |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:13:41.696Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101483",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101483"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-290-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Progea Movicon SCADA/HMI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Progea Movicon SCADA/HMI"
}
]
}
],
"datePublic": "2017-10-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An Unquoted Search Path or Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An unquoted search path or element vulnerability has been identified, which may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate his or her privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "CWE-428",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-20T09:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "101483",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101483"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-290-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2017-14019",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Progea Movicon SCADA/HMI",
"version": {
"version_data": [
{
"version_value": "Progea Movicon SCADA/HMI"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Unquoted Search Path or Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An unquoted search path or element vulnerability has been identified, which may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate his or her privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-428"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101483",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101483"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-290-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-290-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2017-14019",
"datePublished": "2017-10-19T23:00:00",
"dateReserved": "2017-08-30T00:00:00",
"dateUpdated": "2024-08-05T19:13:41.696Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-201205-0299
Vulnerability from variot
The OPC server in Progea Movicon before 11.3 allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted HTTP request. Movicon is an industrial monitoring software developed by the Italian automation software provider PROGEA (Scada/HMI). There is an error in the Movicon OPC server. Progea Movicon is prone to a memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Movicon versions prior to 11.3 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201205-0299",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "movicon",
"scope": "eq",
"trust": 1.5,
"vendor": "progea",
"version": "11.2"
},
{
"model": "movicon",
"scope": "lte",
"trust": 1.0,
"vendor": "progea",
"version": "11.2"
},
{
"model": "movicon build",
"scope": "eq",
"trust": 0.9,
"vendor": "progea",
"version": "11.21084"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.9,
"vendor": "progea",
"version": "11.2.1085.3"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.9,
"vendor": "progea",
"version": "11.2.1085.4"
},
{
"model": "movicon build",
"scope": "eq",
"trust": 0.9,
"vendor": "progea",
"version": "11.21085"
},
{
"model": "movicon",
"scope": "lt",
"trust": 0.8,
"vendor": "progea srl",
"version": "11.3"
},
{
"model": "movicon",
"scope": "ne",
"trust": 0.3,
"vendor": "progea",
"version": "11.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "movicon",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "d98ebf06-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-2515"
},
{
"db": "BID",
"id": "53484"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002399"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-211"
},
{
"db": "NVD",
"id": "CVE-2012-1804"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:progea:movicon",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002399"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dillon Beresford of IXIA",
"sources": [
{
"db": "BID",
"id": "53484"
}
],
"trust": 0.3
},
"cve": "CVE-2012-1804",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2012-1804",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "d98ebf06-2353-11e6-abef-000c29c66e3d",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-1804",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-1804",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201205-211",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "d98ebf06-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "d98ebf06-2353-11e6-abef-000c29c66e3d"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002399"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-211"
},
{
"db": "NVD",
"id": "CVE-2012-1804"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The OPC server in Progea Movicon before 11.3 allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted HTTP request. Movicon is an industrial monitoring software developed by the Italian automation software provider PROGEA (Scada/HMI). There is an error in the Movicon OPC server. Progea Movicon is prone to a memory-corruption vulnerability. \nAn attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. \nMovicon versions prior to 11.3 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1804"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002399"
},
{
"db": "CNVD",
"id": "CNVD-2012-2515"
},
{
"db": "BID",
"id": "53484"
},
{
"db": "IVD",
"id": "d98ebf06-2353-11e6-abef-000c29c66e3d"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-1804",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-12-131-01",
"trust": 3.3
},
{
"db": "SECUNIA",
"id": "49092",
"trust": 1.6
},
{
"db": "BID",
"id": "53484",
"trust": 1.3
},
{
"db": "OSVDB",
"id": "81814",
"trust": 1.0
},
{
"db": "CNVD",
"id": "CNVD-2012-2515",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201205-211",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002399",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "19603",
"trust": 0.6
},
{
"db": "IVD",
"id": "D98EBF06-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "d98ebf06-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-2515"
},
{
"db": "BID",
"id": "53484"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002399"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-211"
},
{
"db": "NVD",
"id": "CVE-2012-1804"
}
]
},
"id": "VAR-201205-0299",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "d98ebf06-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-2515"
}
],
"trust": 1.4500000000000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "d98ebf06-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-2515"
}
]
},
"last_update_date": "2024-11-23T22:18:54.876000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.progea.com/"
},
{
"title": "Progea Movicon patch for out-of-bounds memory corruption vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/16926"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-2515"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002399"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002399"
},
{
"db": "NVD",
"id": "CVE-2012-1804"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-131-01.pdf"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/49092"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/53484"
},
{
"trust": 1.0,
"url": "http://osvdb.org/81814"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1804"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1804"
},
{
"trust": 0.6,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-131-01.pdfhttp"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/19603"
},
{
"trust": 0.3,
"url": "http://www.progea.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-2515"
},
{
"db": "BID",
"id": "53484"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002399"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-211"
},
{
"db": "NVD",
"id": "CVE-2012-1804"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "d98ebf06-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-2515"
},
{
"db": "BID",
"id": "53484"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002399"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-211"
},
{
"db": "NVD",
"id": "CVE-2012-1804"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-05-16T00:00:00",
"db": "IVD",
"id": "d98ebf06-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2012-05-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-2515"
},
{
"date": "2012-05-11T00:00:00",
"db": "BID",
"id": "53484"
},
{
"date": "2012-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002399"
},
{
"date": "2012-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201205-211"
},
{
"date": "2012-05-14T20:55:01.417000",
"db": "NVD",
"id": "CVE-2012-1804"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-05-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-2515"
},
{
"date": "2012-05-11T00:00:00",
"db": "BID",
"id": "53484"
},
{
"date": "2012-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002399"
},
{
"date": "2012-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201205-211"
},
{
"date": "2024-11-21T01:37:48.940000",
"db": "NVD",
"id": "CVE-2012-1804"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201205-211"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Progea Movicon Service disruption in (out-of-bounds read And memory corruption ) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002399"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "d98ebf06-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-211"
}
],
"trust": 0.8
}
}
var-201710-0805
Vulnerability from variot
An Unquoted Search Path or Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An unquoted search path or element vulnerability has been identified, which may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate his or her privileges. Progea Movicon Contains vulnerabilities related to unquoted search paths or elements.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Movicon is an industrial monitoring software developed by the Italian automation software provider PROGEA (Scada/HMI). Progea Movicon is prone to a multiple privilege-escalation vulnerabilities. An attacker can exploit these issues to execute arbitrary code to gain elevated privileges. Movicon versions 11.5.1181 and prior are affected.
BACKGROUND
Critical Infrastructure Sectors: Critical Manufacturing, Energy, Food and Agriculture, Transportation Systems, Water and Wastewater Systems Countries/Areas Deployed: Europe, India, and United States Company Headquarters Location: Italy
IMPACT
Successful exploitation of these vulnerabilities could allow privilege escalation or arbitrary code execution. User interaction is required to exploit this vulnerability in that the malicious dll file should be saved in any of the DLL search paths.
The specific flaw exists within the handling of a specific named DLL file used by Movicon SCADA/HMI. By placing specific DLL file (listed below), an attacker is able to force the process to load an arbitrary DLL.
DLL File Name (1)
api-ms-win-appmodel-runtime-l1-1-0.dll
Application Executables (that look for missing DLL)
Movicon.exe MoviconRunTime.exe MoviconService.exe AlarmsImpExp.exe ReportViewerNET.exe
Steps to reproduce
-
Generate a dll payload msfvenom ap windows/exec cmd=calc.exe af dll ao api-ms-win-appmodel-runtime-l1-1-0.dll
-
Place this dll in install directory (or C:\Windows, or any directory defined in the PATH environment variable) C:\Program Files\Progea\Movicon11.5\
-
Run MoviconService.exe (or any of the above listed executables), and Exit
CVE-2017-14017 has been assigned to this vulnerability. A CVSS v3 base score of 6.8 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H).
A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot.
aC/ MOVICON (MOVICON) runs as LocalSystem and has path: C:\Program Files\Progea\Movicon11.5\MoviconService.exe:
CVE-2017-14019 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been assigned; the CVSS vector string is (AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H).
+++++
Best Regards, Karn Ganeshen
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201710-0805",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "movicon",
"scope": "eq",
"trust": 1.9,
"vendor": "progea",
"version": "11.5.1181"
},
{
"model": "movicon",
"scope": "lte",
"trust": 0.8,
"vendor": "progea srl",
"version": "11.5.1181"
},
{
"model": "movicon",
"scope": "lte",
"trust": 0.6,
"vendor": "progea",
"version": "\u003c=11.5.1181"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.4.1150"
},
{
"model": "movicon build",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.41150"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.4"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.3"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.2.1085.4"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.2.1085.3"
},
{
"model": "movicon build",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.21085"
},
{
"model": "movicon build",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.21084"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "movicon",
"version": "11.5.1181"
}
],
"sources": [
{
"db": "IVD",
"id": "e538bc3b-a533-48aa-a303-eeaf311c363b"
},
{
"db": "CNVD",
"id": "CNVD-2017-30496"
},
{
"db": "BID",
"id": "101483"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009503"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1256"
},
{
"db": "NVD",
"id": "CVE-2017-14019"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:progea:movicon",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-009503"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Karn Ganeshen.",
"sources": [
{
"db": "BID",
"id": "101483"
}
],
"trust": 0.3
},
"cve": "CVE-2017-14019",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2017-14019",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2017-30496",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "e538bc3b-a533-48aa-a303-eeaf311c363b",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2017-14019",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-14019",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-14019",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-30496",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201708-1256",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "e538bc3b-a533-48aa-a303-eeaf311c363b",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e538bc3b-a533-48aa-a303-eeaf311c363b"
},
{
"db": "CNVD",
"id": "CNVD-2017-30496"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009503"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1256"
},
{
"db": "NVD",
"id": "CVE-2017-14019"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An Unquoted Search Path or Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An unquoted search path or element vulnerability has been identified, which may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate his or her privileges. Progea Movicon Contains vulnerabilities related to unquoted search paths or elements.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Movicon is an industrial monitoring software developed by the Italian automation software provider PROGEA (Scada/HMI). Progea Movicon is prone to a multiple privilege-escalation vulnerabilities. \nAn attacker can exploit these issues to execute arbitrary code to gain elevated privileges. \nMovicon versions 11.5.1181 and prior are affected. \n\n------------------------\nBACKGROUND\n------------------------\nCritical Infrastructure Sectors: Critical Manufacturing, Energy, Food and\nAgriculture, Transportation Systems, Water and Wastewater Systems\nCountries/Areas Deployed: Europe, India, and United States\nCompany Headquarters Location: Italy\n\n\n------------------------\nIMPACT\n------------------------\nSuccessful exploitation of these vulnerabilities could allow privilege\nescalation or arbitrary code execution. User interaction is required\nto exploit this vulnerability in that the malicious dll file should be\nsaved in any of the DLL search paths. \n\nThe specific flaw exists within the handling of a specific named DLL file\nused by Movicon SCADA/HMI. By placing specific DLL file (listed below), an\nattacker is able to force the process to load an arbitrary DLL. \n\n------------------------\nDLL File Name (1)\n------------------------\napi-ms-win-appmodel-runtime-l1-1-0.dll\n\n------------------------\nApplication Executables (that look for missing DLL)\n------------------------\nMovicon.exe\nMoviconRunTime.exe\nMoviconService.exe\nAlarmsImpExp.exe\nReportViewerNET.exe\n\n------------------------\nSteps to reproduce\n------------------------\n\n1. Generate a dll payload\nmsfvenom ap windows/exec cmd=calc.exe af dll ao\napi-ms-win-appmodel-runtime-l1-1-0.dll\n\n2. Place this dll in install directory (or C:\\Windows, or any directory\ndefined in the PATH environment variable)\nC:\\Program Files\\Progea\\Movicon11.5\\\n\n3. Run MoviconService.exe (or any of the above listed executables), and Exit\n\n------------------------\nCVE-2017-14017 has been assigned to this vulnerability. A CVSS v3 base\nscore of 6.8 has been assigned; the CVSS vector string is\n(AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H). \n\nA successful attempt would require the local user to be able to insert\ntheir code in the system root path undetected by the OS or other security\napplications where it could potentially be executed during application\nstartup or reboot. \n\naC/ MOVICON (MOVICON) runs as LocalSystem and has path: C:\\Program\nFiles\\Progea\\Movicon11.5\\MoviconService.exe:\n\nCVE-2017-14019 has been assigned to this vulnerability. A CVSS v3 base\nscore of 6.5 has been assigned; the CVSS vector string is\n(AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H). \n\n+++++\n\nBest Regards,\nKarn Ganeshen\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-14019"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009503"
},
{
"db": "CNVD",
"id": "CNVD-2017-30496"
},
{
"db": "BID",
"id": "101483"
},
{
"db": "IVD",
"id": "e538bc3b-a533-48aa-a303-eeaf311c363b"
},
{
"db": "PACKETSTORM",
"id": "144818"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-14019",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-290-01",
"trust": 3.4
},
{
"db": "BID",
"id": "101483",
"trust": 1.9
},
{
"db": "CNVD",
"id": "CNVD-2017-30496",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1256",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009503",
"trust": 0.8
},
{
"db": "IVD",
"id": "E538BC3B-A533-48AA-A303-EEAF311C363B",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "144818",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e538bc3b-a533-48aa-a303-eeaf311c363b"
},
{
"db": "CNVD",
"id": "CNVD-2017-30496"
},
{
"db": "BID",
"id": "101483"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009503"
},
{
"db": "PACKETSTORM",
"id": "144818"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1256"
},
{
"db": "NVD",
"id": "CVE-2017-14019"
}
]
},
"id": "VAR-201710-0805",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e538bc3b-a533-48aa-a303-eeaf311c363b"
},
{
"db": "CNVD",
"id": "CNVD-2017-30496"
}
],
"trust": 1.4500000000000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e538bc3b-a533-48aa-a303-eeaf311c363b"
},
{
"db": "CNVD",
"id": "CNVD-2017-30496"
}
]
},
"last_update_date": "2024-11-23T21:53:40.616000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.progea.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-009503"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-428",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-009503"
},
{
"db": "NVD",
"id": "CVE-2017-14019"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-290-01"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/101483"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14019"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-14019"
},
{
"trust": 0.3,
"url": "http://www.progea.com/it-it/downloads/software.aspx"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14017"
},
{
"trust": 0.1,
"url": "https://ipositivesecurity.com/2017/10/28/ics-progea-movicon-scadahmi-vulnerabilities/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-30496"
},
{
"db": "BID",
"id": "101483"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009503"
},
{
"db": "PACKETSTORM",
"id": "144818"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1256"
},
{
"db": "NVD",
"id": "CVE-2017-14019"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e538bc3b-a533-48aa-a303-eeaf311c363b"
},
{
"db": "CNVD",
"id": "CNVD-2017-30496"
},
{
"db": "BID",
"id": "101483"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009503"
},
{
"db": "PACKETSTORM",
"id": "144818"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1256"
},
{
"db": "NVD",
"id": "CVE-2017-14019"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-18T00:00:00",
"db": "IVD",
"id": "e538bc3b-a533-48aa-a303-eeaf311c363b"
},
{
"date": "2017-10-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30496"
},
{
"date": "2017-10-17T00:00:00",
"db": "BID",
"id": "101483"
},
{
"date": "2017-11-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009503"
},
{
"date": "2017-10-31T13:44:44",
"db": "PACKETSTORM",
"id": "144818"
},
{
"date": "2017-08-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1256"
},
{
"date": "2017-10-19T23:29:00.327000",
"db": "NVD",
"id": "CVE-2017-14019"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30496"
},
{
"date": "2017-10-17T00:00:00",
"db": "BID",
"id": "101483"
},
{
"date": "2017-11-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009503"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1256"
},
{
"date": "2024-11-21T03:11:58.483000",
"db": "NVD",
"id": "CVE-2017-14019"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1256"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Progea Movicon Vulnerabilities related to unquoted search paths or elements",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-009503"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Code problem",
"sources": [
{
"db": "IVD",
"id": "e538bc3b-a533-48aa-a303-eeaf311c363b"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1256"
}
],
"trust": 0.8
}
}
var-201109-0184
Vulnerability from variot
Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative Content-Length field. When the software runs the project, it will listen to the 12233 port to process the special \"EIDP\" protocol, and submit a special \"EIDP\" message (the field is too large) through the WEB service to crash the service program. Movicon is an Italian HMI/SCADA software. When the software runs the project, it will listen to port 808 to receive the HTTP request. The memory can be destroyed by \"memcpy(heap_buffer, input, content_length_size)\". In addition, submitting an incoming HTTP request containing 8192 bytes can trigger a heap-based overflow. Movicon is prone to multiple heap-based buffer-overflow vulnerabilities and a denial-of-service vulnerability. Movicon 11.2 Build 1085 is vulnerable; other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201109-0184",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "movicon build",
"scope": "eq",
"trust": 1.9,
"vendor": "progea",
"version": "11.21085"
},
{
"model": "movicon powerhmi",
"scope": "eq",
"trust": 1.6,
"vendor": "progea",
"version": "11"
},
{
"model": "movicon powerhmi",
"scope": "eq",
"trust": 1.6,
"vendor": "progea",
"version": "11.0.1017"
},
{
"model": "movicon powerhmi",
"scope": "lte",
"trust": 1.0,
"vendor": "progea",
"version": "11.2.1085"
},
{
"model": "movicon powerhmi",
"scope": "eq",
"trust": 0.9,
"vendor": "progea",
"version": "11.2.1085"
},
{
"model": "movicon / powerhmi",
"scope": "lte",
"trust": 0.8,
"vendor": "progea srl",
"version": "11.2.1085"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.2.1085.4"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.2.1085.3"
},
{
"model": "movicon build",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.21084"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "movicon powerhmi",
"version": "11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "movicon powerhmi",
"version": "11.0.1017"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "movicon powerhmi",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "a4aaf542-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "5fa92812-1f88-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "9193190a-1f88-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3663"
},
{
"db": "CNVD",
"id": "CNVD-2011-3661"
},
{
"db": "BID",
"id": "49605"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002274"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-264"
},
{
"db": "NVD",
"id": "CVE-2011-3491"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:progea:movicon_powerhmi",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002274"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Luigi Auriemma",
"sources": [
{
"db": "BID",
"id": "49605"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-188"
}
],
"trust": 0.9
},
"cve": "CVE-2011-3491",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2011-3491",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "a4aaf542-2354-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "5fa92812-1f88-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "9193190a-1f88-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-3491",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-3491",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201109-264",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "a4aaf542-2354-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "5fa92812-1f88-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "9193190a-1f88-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "a4aaf542-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "5fa92812-1f88-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "9193190a-1f88-11e6-abef-000c29c66e3d"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002274"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-264"
},
{
"db": "NVD",
"id": "CVE-2011-3491"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative Content-Length field. When the software runs the project, it will listen to the 12233 port to process the special \\\"EIDP\\\" protocol, and submit a special \\\"EIDP\\\" message (the field is too large) through the WEB service to crash the service program. Movicon is an Italian HMI/SCADA software. When the software runs the project, it will listen to port 808 to receive the HTTP request. The memory can be destroyed by \\\"memcpy(heap_buffer, input, content_length_size)\\\". In addition, submitting an incoming HTTP request containing 8192 bytes can trigger a heap-based overflow. Movicon is prone to multiple heap-based buffer-overflow vulnerabilities and a denial-of-service vulnerability. \nMovicon 11.2 Build 1085 is vulnerable; other versions may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-3491"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002274"
},
{
"db": "CNVD",
"id": "CNVD-2011-3663"
},
{
"db": "CNVD",
"id": "CNVD-2011-3661"
},
{
"db": "BID",
"id": "49605"
},
{
"db": "IVD",
"id": "a4aaf542-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "5fa92812-1f88-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "9193190a-1f88-11e6-abef-000c29c66e3d"
}
],
"trust": 3.51
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-3491",
"trust": 3.3
},
{
"db": "ICS CERT ALERT",
"id": "ICS-ALERT-11-256-01",
"trust": 2.4
},
{
"db": "BID",
"id": "49605",
"trust": 2.1
},
{
"db": "CNNVD",
"id": "CNNVD-201109-264",
"trust": 1.2
},
{
"db": "OSVDB",
"id": "75494",
"trust": 1.0
},
{
"db": "CNVD",
"id": "CNVD-2011-3661",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2011-3663",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002274",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201109-188",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-11-294-01",
"trust": 0.3
},
{
"db": "IVD",
"id": "A4AAF542-2354-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "5FA92812-1F88-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "9193190A-1F88-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "a4aaf542-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "5fa92812-1f88-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "9193190a-1f88-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3663"
},
{
"db": "CNVD",
"id": "CNVD-2011-3661"
},
{
"db": "BID",
"id": "49605"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002274"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-188"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-264"
},
{
"db": "NVD",
"id": "CVE-2011-3491"
}
]
},
"id": "VAR-201109-0184",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "a4aaf542-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "5fa92812-1f88-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "9193190a-1f88-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3663"
},
{
"db": "CNVD",
"id": "CNVD-2011-3661"
}
],
"trust": 2.45
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.8
}
],
"sources": [
{
"db": "IVD",
"id": "a4aaf542-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "5fa92812-1f88-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "9193190a-1f88-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3663"
},
{
"db": "CNVD",
"id": "CNVD-2011-3661"
}
]
},
"last_update_date": "2024-11-23T21:56:08.221000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.progea.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002274"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002274"
},
{
"db": "NVD",
"id": "CVE-2011-3491"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-256-01.pdf"
},
{
"trust": 1.9,
"url": "http://aluigi.altervista.org/adv/movicon_1-adv.txt"
},
{
"trust": 1.0,
"url": "http://osvdb.org/75494"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69787"
},
{
"trust": 0.9,
"url": "http://aluigi.altervista.org/adv/movicon_3-adv.txt"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3491"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3491"
},
{
"trust": 0.6,
"url": "http://aluigi.altervista.org/adv/movicon_1-adv.txthttp"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/49605"
},
{
"trust": 0.3,
"url": "http://www.progea.com/"
},
{
"trust": 0.3,
"url": "http://aluigi.altervista.org/adv/movicon_2-adv.txt"
},
{
"trust": 0.3,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-11-294-01.pdf"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-3663"
},
{
"db": "CNVD",
"id": "CNVD-2011-3661"
},
{
"db": "BID",
"id": "49605"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002274"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-188"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-264"
},
{
"db": "NVD",
"id": "CVE-2011-3491"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "a4aaf542-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "5fa92812-1f88-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "9193190a-1f88-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3663"
},
{
"db": "CNVD",
"id": "CNVD-2011-3661"
},
{
"db": "BID",
"id": "49605"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002274"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-188"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-264"
},
{
"db": "NVD",
"id": "CVE-2011-3491"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-09-19T00:00:00",
"db": "IVD",
"id": "a4aaf542-2354-11e6-abef-000c29c66e3d"
},
{
"date": "2011-09-15T00:00:00",
"db": "IVD",
"id": "5fa92812-1f88-11e6-abef-000c29c66e3d"
},
{
"date": "2011-09-15T00:00:00",
"db": "IVD",
"id": "9193190a-1f88-11e6-abef-000c29c66e3d"
},
{
"date": "2011-09-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3663"
},
{
"date": "2011-09-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3661"
},
{
"date": "2011-09-13T00:00:00",
"db": "BID",
"id": "49605"
},
{
"date": "2011-09-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002274"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201109-188"
},
{
"date": "2011-09-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201109-264"
},
{
"date": "2011-09-16T14:28:13.043000",
"db": "NVD",
"id": "CVE-2011-3491"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-09-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3663"
},
{
"date": "2011-09-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3661"
},
{
"date": "2011-10-21T16:01:00",
"db": "BID",
"id": "49605"
},
{
"date": "2011-09-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002274"
},
{
"date": "2011-09-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201109-188"
},
{
"date": "2011-09-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201109-264"
},
{
"date": "2024-11-21T01:30:35.193000",
"db": "NVD",
"id": "CVE-2011-3491"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201109-188"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-264"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Progea Movicon/PowerHMI Heap Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "a4aaf542-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-264"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "a4aaf542-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "5fa92812-1f88-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "9193190a-1f88-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-188"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-264"
}
],
"trust": 1.8
}
}
var-201710-0804
Vulnerability from variot
An Uncontrolled Search Path Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An uncontrolled search path element vulnerability has been identified, which may allow a remote attacker without privileges to execute arbitrary code in the form of a malicious DLL file. Progea Movicon Contains a vulnerability related to uncontrolled search path elements.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Movicon is an industrial monitoring software developed by the Italian automation software provider PROGEA (Scada/HMI). Progea Movicon is prone to a multiple privilege-escalation vulnerabilities. Movicon versions 11.5.1181 and prior are affected.
BACKGROUND
Critical Infrastructure Sectors: Critical Manufacturing, Energy, Food and Agriculture, Transportation Systems, Water and Wastewater Systems Countries/Areas Deployed: Europe, India, and United States Company Headquarters Location: Italy
IMPACT
Successful exploitation of these vulnerabilities could allow privilege escalation or arbitrary code execution.
The specific flaw exists within the handling of a specific named DLL file used by Movicon SCADA/HMI. By placing specific DLL file (listed below), an attacker is able to force the process to load an arbitrary DLL.
DLL File Name (1)
api-ms-win-appmodel-runtime-l1-1-0.dll
Application Executables (that look for missing DLL)
Movicon.exe MoviconRunTime.exe MoviconService.exe AlarmsImpExp.exe ReportViewerNET.exe
Steps to reproduce
-
Generate a dll payload msfvenom ap windows/exec cmd=calc.exe af dll ao api-ms-win-appmodel-runtime-l1-1-0.dll
-
Place this dll in install directory (or C:\Windows, or any directory defined in the PATH environment variable) C:\Program Files\Progea\Movicon11.5\
-
Run MoviconService.exe (or any of the above listed executables), and Exit
CVE-2017-14017 has been assigned to this vulnerability. A CVSS v3 base score of 6.8 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H).
A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot.
aC/ MOVICON (MOVICON) runs as LocalSystem and has path: C:\Program Files\Progea\Movicon11.5\MoviconService.exe:
CVE-2017-14019 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been assigned; the CVSS vector string is (AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H).
+++++
Best Regards, Karn Ganeshen
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201710-0804",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "movicon",
"scope": "lte",
"trust": 1.0,
"vendor": "progea",
"version": "11.5.1181"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.9,
"vendor": "progea",
"version": "11.5.1181"
},
{
"model": "movicon",
"scope": "lte",
"trust": 0.8,
"vendor": "progea srl",
"version": "11.5.1181"
},
{
"model": "movicon",
"scope": "lte",
"trust": 0.6,
"vendor": "progea",
"version": "\u003c=11.5.1181"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.4.1150"
},
{
"model": "movicon build",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.41150"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.4"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.3"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.2.1085.4"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.2.1085.3"
},
{
"model": "movicon build",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.21085"
},
{
"model": "movicon build",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.21084"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "movicon",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "f722565a-b363-40d4-9b2c-f2853d768656"
},
{
"db": "CNVD",
"id": "CNVD-2017-30495"
},
{
"db": "BID",
"id": "101483"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009507"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1258"
},
{
"db": "NVD",
"id": "CVE-2017-14017"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:progea:movicon",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-009507"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Karn Ganeshen.",
"sources": [
{
"db": "BID",
"id": "101483"
}
],
"trust": 0.3
},
"cve": "CVE-2017-14017",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2017-14017",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-30495",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "f722565a-b363-40d4-9b2c-f2853d768656",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2017-14017",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-14017",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-14017",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-30495",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201708-1258",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "f722565a-b363-40d4-9b2c-f2853d768656",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "f722565a-b363-40d4-9b2c-f2853d768656"
},
{
"db": "CNVD",
"id": "CNVD-2017-30495"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009507"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1258"
},
{
"db": "NVD",
"id": "CVE-2017-14017"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An Uncontrolled Search Path Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An uncontrolled search path element vulnerability has been identified, which may allow a remote attacker without privileges to execute arbitrary code in the form of a malicious DLL file. Progea Movicon Contains a vulnerability related to uncontrolled search path elements.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Movicon is an industrial monitoring software developed by the Italian automation software provider PROGEA (Scada/HMI). Progea Movicon is prone to a multiple privilege-escalation vulnerabilities. \nMovicon versions 11.5.1181 and prior are affected. \n\n------------------------\nBACKGROUND\n------------------------\nCritical Infrastructure Sectors: Critical Manufacturing, Energy, Food and\nAgriculture, Transportation Systems, Water and Wastewater Systems\nCountries/Areas Deployed: Europe, India, and United States\nCompany Headquarters Location: Italy\n\n\n------------------------\nIMPACT\n------------------------\nSuccessful exploitation of these vulnerabilities could allow privilege\nescalation or arbitrary code execution. \n\nThe specific flaw exists within the handling of a specific named DLL file\nused by Movicon SCADA/HMI. By placing specific DLL file (listed below), an\nattacker is able to force the process to load an arbitrary DLL. \n\n------------------------\nDLL File Name (1)\n------------------------\napi-ms-win-appmodel-runtime-l1-1-0.dll\n\n------------------------\nApplication Executables (that look for missing DLL)\n------------------------\nMovicon.exe\nMoviconRunTime.exe\nMoviconService.exe\nAlarmsImpExp.exe\nReportViewerNET.exe\n\n------------------------\nSteps to reproduce\n------------------------\n\n1. Generate a dll payload\nmsfvenom ap windows/exec cmd=calc.exe af dll ao\napi-ms-win-appmodel-runtime-l1-1-0.dll\n\n2. Place this dll in install directory (or C:\\Windows, or any directory\ndefined in the PATH environment variable)\nC:\\Program Files\\Progea\\Movicon11.5\\\n\n3. Run MoviconService.exe (or any of the above listed executables), and Exit\n\n------------------------\nCVE-2017-14017 has been assigned to this vulnerability. A CVSS v3 base\nscore of 6.8 has been assigned; the CVSS vector string is\n(AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H). \n\nA successful attempt would require the local user to be able to insert\ntheir code in the system root path undetected by the OS or other security\napplications where it could potentially be executed during application\nstartup or reboot. \n\naC/ MOVICON (MOVICON) runs as LocalSystem and has path: C:\\Program\nFiles\\Progea\\Movicon11.5\\MoviconService.exe:\n\nCVE-2017-14019 has been assigned to this vulnerability. A CVSS v3 base\nscore of 6.5 has been assigned; the CVSS vector string is\n(AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H). \n\n+++++\n\nBest Regards,\nKarn Ganeshen\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-14017"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009507"
},
{
"db": "CNVD",
"id": "CNVD-2017-30495"
},
{
"db": "BID",
"id": "101483"
},
{
"db": "IVD",
"id": "f722565a-b363-40d4-9b2c-f2853d768656"
},
{
"db": "PACKETSTORM",
"id": "144818"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-14017",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-290-01",
"trust": 3.4
},
{
"db": "BID",
"id": "101483",
"trust": 1.9
},
{
"db": "CNVD",
"id": "CNVD-2017-30495",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1258",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009507",
"trust": 0.8
},
{
"db": "IVD",
"id": "F722565A-B363-40D4-9B2C-F2853D768656",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "144818",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "f722565a-b363-40d4-9b2c-f2853d768656"
},
{
"db": "CNVD",
"id": "CNVD-2017-30495"
},
{
"db": "BID",
"id": "101483"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009507"
},
{
"db": "PACKETSTORM",
"id": "144818"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1258"
},
{
"db": "NVD",
"id": "CVE-2017-14017"
}
]
},
"id": "VAR-201710-0804",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "f722565a-b363-40d4-9b2c-f2853d768656"
},
{
"db": "CNVD",
"id": "CNVD-2017-30495"
}
],
"trust": 1.4500000000000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "f722565a-b363-40d4-9b2c-f2853d768656"
},
{
"db": "CNVD",
"id": "CNVD-2017-30495"
}
]
},
"last_update_date": "2024-11-23T21:53:40.654000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.progea.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-009507"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-427",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-009507"
},
{
"db": "NVD",
"id": "CVE-2017-14017"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-290-01"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/101483"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14017"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-14017"
},
{
"trust": 0.3,
"url": "http://www.progea.com/it-it/downloads/software.aspx"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14019"
},
{
"trust": 0.1,
"url": "https://ipositivesecurity.com/2017/10/28/ics-progea-movicon-scadahmi-vulnerabilities/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-30495"
},
{
"db": "BID",
"id": "101483"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009507"
},
{
"db": "PACKETSTORM",
"id": "144818"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1258"
},
{
"db": "NVD",
"id": "CVE-2017-14017"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "f722565a-b363-40d4-9b2c-f2853d768656"
},
{
"db": "CNVD",
"id": "CNVD-2017-30495"
},
{
"db": "BID",
"id": "101483"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009507"
},
{
"db": "PACKETSTORM",
"id": "144818"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1258"
},
{
"db": "NVD",
"id": "CVE-2017-14017"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-18T00:00:00",
"db": "IVD",
"id": "f722565a-b363-40d4-9b2c-f2853d768656"
},
{
"date": "2017-10-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30495"
},
{
"date": "2017-10-17T00:00:00",
"db": "BID",
"id": "101483"
},
{
"date": "2017-11-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009507"
},
{
"date": "2017-10-31T13:44:44",
"db": "PACKETSTORM",
"id": "144818"
},
{
"date": "2017-08-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1258"
},
{
"date": "2017-10-19T23:29:00.280000",
"db": "NVD",
"id": "CVE-2017-14017"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30495"
},
{
"date": "2017-10-17T00:00:00",
"db": "BID",
"id": "101483"
},
{
"date": "2017-11-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009507"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1258"
},
{
"date": "2024-11-21T03:11:58.247000",
"db": "NVD",
"id": "CVE-2017-14017"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1258"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Progea Movicon SCADA/HMI Arbitrary code execution vulnerability",
"sources": [
{
"db": "IVD",
"id": "f722565a-b363-40d4-9b2c-f2853d768656"
},
{
"db": "CNVD",
"id": "CNVD-2017-30495"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Code problem",
"sources": [
{
"db": "IVD",
"id": "f722565a-b363-40d4-9b2c-f2853d768656"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1258"
}
],
"trust": 0.8
}
}
var-201109-0171
Vulnerability from variot
Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an EIDP packet with a large size field, which writes a zero byte to an arbitrary memory location. When the software runs the project, it will listen to the 12233 port to process the special \"EIDP\" protocol, and submit a special \"EIDP\" message (the field is too large) through the WEB service to crash the service program. Movicon is an Italian HMI/SCADA software. When the software runs the project, it will listen to port 808 to receive the HTTP request. The server incorrectly processes the negative Content-Length field to trigger the heap-based buffer overflow. The memory can be destroyed by \"memcpy(heap_buffer, input, content_length_size)\". In addition, submitting an incoming HTTP request containing 8192 bytes can trigger a heap-based overflow. Movicon is prone to multiple heap-based buffer-overflow vulnerabilities and a denial-of-service vulnerability. Movicon 11.2 Build 1085 is vulnerable; other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201109-0171",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "movicon powerhmi",
"scope": "eq",
"trust": 1.6,
"vendor": "progea",
"version": "11"
},
{
"model": "movicon powerhmi",
"scope": "eq",
"trust": 1.6,
"vendor": "progea",
"version": "11.0.1017"
},
{
"model": "movicon build",
"scope": "eq",
"trust": 1.5,
"vendor": "progea",
"version": "11.21085"
},
{
"model": "movicon powerhmi",
"scope": "lte",
"trust": 1.0,
"vendor": "progea",
"version": "11.2.1085"
},
{
"model": "movicon powerhmi",
"scope": "eq",
"trust": 0.9,
"vendor": "progea",
"version": "11.2.1085"
},
{
"model": "movicon / powerhmi",
"scope": "lte",
"trust": 0.8,
"vendor": "progea srl",
"version": "11.2.1085"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.2.1085.4"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.2.1085.3"
},
{
"model": "movicon build",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.21084"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "movicon powerhmi",
"version": "11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "movicon powerhmi",
"version": "11.0.1017"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "movicon powerhmi",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "a4d96a62-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3663"
},
{
"db": "CNVD",
"id": "CNVD-2011-3661"
},
{
"db": "BID",
"id": "49605"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002276"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-272"
},
{
"db": "NVD",
"id": "CVE-2011-3499"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:progea:movicon_powerhmi",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002276"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Luigi Auriemma",
"sources": [
{
"db": "BID",
"id": "49605"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-188"
}
],
"trust": 0.9
},
"cve": "CVE-2011-3499",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2011-3499",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "a4d96a62-2354-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-3499",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-3499",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201109-272",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "a4d96a62-2354-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "a4d96a62-2354-11e6-abef-000c29c66e3d"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002276"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-272"
},
{
"db": "NVD",
"id": "CVE-2011-3499"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an EIDP packet with a large size field, which writes a zero byte to an arbitrary memory location. When the software runs the project, it will listen to the 12233 port to process the special \\\"EIDP\\\" protocol, and submit a special \\\"EIDP\\\" message (the field is too large) through the WEB service to crash the service program. Movicon is an Italian HMI/SCADA software. When the software runs the project, it will listen to port 808 to receive the HTTP request. The server incorrectly processes the negative Content-Length field to trigger the heap-based buffer overflow. The memory can be destroyed by \\\"memcpy(heap_buffer, input, content_length_size)\\\". In addition, submitting an incoming HTTP request containing 8192 bytes can trigger a heap-based overflow. Movicon is prone to multiple heap-based buffer-overflow vulnerabilities and a denial-of-service vulnerability. \nMovicon 11.2 Build 1085 is vulnerable; other versions may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-3499"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002276"
},
{
"db": "CNVD",
"id": "CNVD-2011-3663"
},
{
"db": "CNVD",
"id": "CNVD-2011-3661"
},
{
"db": "BID",
"id": "49605"
},
{
"db": "IVD",
"id": "a4d96a62-2354-11e6-abef-000c29c66e3d"
}
],
"trust": 3.15
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-3499",
"trust": 2.9
},
{
"db": "ICS CERT ALERT",
"id": "ICS-ALERT-11-256-01",
"trust": 2.4
},
{
"db": "BID",
"id": "49605",
"trust": 2.1
},
{
"db": "CNNVD",
"id": "CNNVD-201109-272",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002276",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2011-3663",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2011-3661",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201109-188",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-11-294-01",
"trust": 0.3
},
{
"db": "IVD",
"id": "A4D96A62-2354-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "a4d96a62-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3663"
},
{
"db": "CNVD",
"id": "CNVD-2011-3661"
},
{
"db": "BID",
"id": "49605"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002276"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-188"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-272"
},
{
"db": "NVD",
"id": "CVE-2011-3499"
}
]
},
"id": "VAR-201109-0171",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "a4d96a62-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3663"
},
{
"db": "CNVD",
"id": "CNVD-2011-3661"
}
],
"trust": 2.05
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.4
}
],
"sources": [
{
"db": "IVD",
"id": "a4d96a62-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3663"
},
{
"db": "CNVD",
"id": "CNVD-2011-3661"
}
]
},
"last_update_date": "2024-11-23T21:56:08.172000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.progea.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002276"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002276"
},
{
"db": "NVD",
"id": "CVE-2011-3499"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://aluigi.altervista.org/adv/movicon_3-adv.txt"
},
{
"trust": 2.4,
"url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-256-01.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69789"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3499"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3499"
},
{
"trust": 0.6,
"url": "http://aluigi.altervista.org/adv/movicon_1-adv.txthttp"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/49605"
},
{
"trust": 0.3,
"url": "http://www.progea.com/"
},
{
"trust": 0.3,
"url": "http://aluigi.altervista.org/adv/movicon_2-adv.txt"
},
{
"trust": 0.3,
"url": "http://aluigi.altervista.org/adv/movicon_1-adv.txt"
},
{
"trust": 0.3,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-11-294-01.pdf"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-3663"
},
{
"db": "CNVD",
"id": "CNVD-2011-3661"
},
{
"db": "BID",
"id": "49605"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002276"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-188"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-272"
},
{
"db": "NVD",
"id": "CVE-2011-3499"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "a4d96a62-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3663"
},
{
"db": "CNVD",
"id": "CNVD-2011-3661"
},
{
"db": "BID",
"id": "49605"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002276"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-188"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-272"
},
{
"db": "NVD",
"id": "CVE-2011-3499"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-09-19T00:00:00",
"db": "IVD",
"id": "a4d96a62-2354-11e6-abef-000c29c66e3d"
},
{
"date": "2011-09-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3663"
},
{
"date": "2011-09-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3661"
},
{
"date": "2011-09-13T00:00:00",
"db": "BID",
"id": "49605"
},
{
"date": "2011-09-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002276"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201109-188"
},
{
"date": "2011-09-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201109-272"
},
{
"date": "2011-09-16T17:26:14.840000",
"db": "NVD",
"id": "CVE-2011-3499"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-09-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3663"
},
{
"date": "2011-09-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3661"
},
{
"date": "2011-10-21T16:01:00",
"db": "BID",
"id": "49605"
},
{
"date": "2011-09-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002276"
},
{
"date": "2011-09-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201109-188"
},
{
"date": "2011-09-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201109-272"
},
{
"date": "2024-11-21T01:30:36.450000",
"db": "NVD",
"id": "CVE-2011-3499"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201109-188"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-272"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Progea Movicon/PowerHMI Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "a4d96a62-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-272"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "a4d96a62-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-188"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-272"
}
],
"trust": 1.4
}
}
var-201107-0263
Vulnerability from variot
TCPUploadServer.exe in Progea Movicon 11.2 before Build 1084 does not require authentication for critical functions, which allows remote attackers to obtain sensitive information, delete files, execute arbitrary programs, or cause a denial of service (crash) via a crafted packet to TCP port 10651. Progea Movicon is a new generation of automated monitoring software. A vulnerability exists in TCPUploadServer.exe provided by Progea Movicon that allows remote unauthenticated hosts to execute arbitrary commands on the server. The attacker sends a specially crafted message to the server TCP port 10651, which allows the system to respond to the OS version and driver information. In addition, an attacker sending a specially crafted message can cause the file to be deleted or the server to crash. Progea Movicon is prone to a security-bypass vulnerability. An attacker can exploit this issue to perform unauthorized actions, obtain sensitive information, and cause denial-of-service conditions. Versions prior to Movicon 11.2 Build 1084 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201107-0263",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "movicon",
"scope": "eq",
"trust": 2.5,
"vendor": "progea",
"version": "11.2"
},
{
"model": "movicon",
"scope": "lt",
"trust": 0.8,
"vendor": "progea srl",
"version": "11.2"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.8,
"vendor": "progea srl",
"version": "build 1084"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "movicon",
"version": "11.2"
},
{
"model": "movicon build",
"scope": "ne",
"trust": 0.3,
"vendor": "progea",
"version": "11.21084"
}
],
"sources": [
{
"db": "IVD",
"id": "c25a1730-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "9b4ea056-1f9a-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1214"
},
{
"db": "BID",
"id": "46907"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003492"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-460"
},
{
"db": "NVD",
"id": "CVE-2011-2963"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:progea:movicon",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-003492"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jeremy Brown",
"sources": [
{
"db": "BID",
"id": "46907"
}
],
"trust": 0.3
},
"cve": "CVE-2011-2963",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2011-2963",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "c25a1730-2354-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "9b4ea056-1f9a-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-2963",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-2963",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201107-460",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "c25a1730-2354-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "9b4ea056-1f9a-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "c25a1730-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "9b4ea056-1f9a-11e6-abef-000c29c66e3d"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003492"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-460"
},
{
"db": "NVD",
"id": "CVE-2011-2963"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TCPUploadServer.exe in Progea Movicon 11.2 before Build 1084 does not require authentication for critical functions, which allows remote attackers to obtain sensitive information, delete files, execute arbitrary programs, or cause a denial of service (crash) via a crafted packet to TCP port 10651. Progea Movicon is a new generation of automated monitoring software. A vulnerability exists in TCPUploadServer.exe provided by Progea Movicon that allows remote unauthenticated hosts to execute arbitrary commands on the server. The attacker sends a specially crafted message to the server TCP port 10651, which allows the system to respond to the OS version and driver information. In addition, an attacker sending a specially crafted message can cause the file to be deleted or the server to crash. Progea Movicon is prone to a security-bypass vulnerability. \nAn attacker can exploit this issue to perform unauthorized actions, obtain sensitive information, and cause denial-of-service conditions. \nVersions prior to Movicon 11.2 Build 1084 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2963"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003492"
},
{
"db": "CNVD",
"id": "CNVD-2011-1214"
},
{
"db": "BID",
"id": "46907"
},
{
"db": "IVD",
"id": "c25a1730-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "9b4ea056-1f9a-11e6-abef-000c29c66e3d"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-2963",
"trust": 3.1
},
{
"db": "BID",
"id": "46907",
"trust": 2.5
},
{
"db": "ICS CERT",
"id": "ICSA-11-056-01A",
"trust": 2.4
},
{
"db": "ICS CERT",
"id": "ICSA-11-056-01",
"trust": 1.9
},
{
"db": "EXPLOIT-DB",
"id": "17034",
"trust": 1.6
},
{
"db": "OSVDB",
"id": "72888",
"trust": 1.6
},
{
"db": "CNNVD",
"id": "CNNVD-201107-460",
"trust": 1.0
},
{
"db": "CNVD",
"id": "CNVD-2011-1214",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003492",
"trust": 0.8
},
{
"db": "IVD",
"id": "C25A1730-2354-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "9B4EA056-1F9A-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "c25a1730-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "9b4ea056-1f9a-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1214"
},
{
"db": "BID",
"id": "46907"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003492"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-460"
},
{
"db": "NVD",
"id": "CVE-2011-2963"
}
]
},
"id": "VAR-201107-0263",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "c25a1730-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "9b4ea056-1f9a-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1214"
}
],
"trust": 1.65
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "c25a1730-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "9b4ea056-1f9a-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1214"
}
]
},
"last_update_date": "2024-11-23T22:53:33.959000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.progea.com"
},
{
"title": "Progea Movicon \u0027TCPUploadServer.exe\u0027 security bypass vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/3376"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-1214"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003492"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-003492"
},
{
"db": "NVD",
"id": "CVE-2011-2963"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-11-056-01a.pdf"
},
{
"trust": 1.9,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-11-056-01.pdf"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/46907"
},
{
"trust": 1.6,
"url": "http://www.osvdb.org/72888"
},
{
"trust": 1.6,
"url": "http://www.exploit-db.com/exploits/17034"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2963"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2963"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/46907http"
},
{
"trust": 0.3,
"url": "http://www.progea.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-1214"
},
{
"db": "BID",
"id": "46907"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003492"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-460"
},
{
"db": "NVD",
"id": "CVE-2011-2963"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "c25a1730-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "9b4ea056-1f9a-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1214"
},
{
"db": "BID",
"id": "46907"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003492"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-460"
},
{
"db": "NVD",
"id": "CVE-2011-2963"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-29T00:00:00",
"db": "IVD",
"id": "c25a1730-2354-11e6-abef-000c29c66e3d"
},
{
"date": "2011-03-24T00:00:00",
"db": "IVD",
"id": "9b4ea056-1f9a-11e6-abef-000c29c66e3d"
},
{
"date": "2011-03-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-1214"
},
{
"date": "2011-03-15T00:00:00",
"db": "BID",
"id": "46907"
},
{
"date": "2011-12-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-003492"
},
{
"date": "2011-07-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201107-460"
},
{
"date": "2011-07-29T19:55:04.437000",
"db": "NVD",
"id": "CVE-2011-2963"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-03-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-1214"
},
{
"date": "2015-04-13T20:01:00",
"db": "BID",
"id": "46907"
},
{
"date": "2011-12-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-003492"
},
{
"date": "2011-08-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201107-460"
},
{
"date": "2024-11-21T01:29:22.730000",
"db": "NVD",
"id": "CVE-2011-2963"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201107-460"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Progea Movicon of TCPUploadServer.exe Vulnerability in which important information is obtained",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-003492"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201107-460"
}
],
"trust": 0.6
}
}
var-201404-0550
Vulnerability from variot
The TCPUploader module in Progea Movicon 11.4 before 11.4.1150 allows remote attackers to obtain potentially sensitive version information via network traffic to TCP port 10651. Movicon is an industrial monitoring software developed by the Italian automation software provider PROGEA (Scada/HMI). Progea Movicon is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. Progea Movicon 11.4 prior to Build 1150 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201404-0550",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "movicon",
"scope": "eq",
"trust": 1.6,
"vendor": "progea",
"version": "11.4"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.8,
"vendor": "progea srl",
"version": "11.4.1150"
},
{
"model": "movicon",
"scope": "lt",
"trust": 0.8,
"vendor": "progea srl",
"version": "11.4"
},
{
"model": "movicon",
"scope": null,
"trust": 0.6,
"vendor": "progea",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "movicon",
"version": "11.4"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.3"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.2.1085.4"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.2.1085.3"
},
{
"model": "movicon build",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.21085"
},
{
"model": "movicon build",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.21084"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.2"
},
{
"model": "movicon build",
"scope": "ne",
"trust": 0.3,
"vendor": "progea",
"version": "11.41150"
}
],
"sources": [
{
"db": "IVD",
"id": "0f1d93f6-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d742b41-463f-11e9-aaf2-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-02544"
},
{
"db": "BID",
"id": "66934"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002190"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-388"
},
{
"db": "NVD",
"id": "CVE-2014-0778"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:progea:movicon",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002190"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Celil ?n\u00fcver of SignalSEC Ltd",
"sources": [
{
"db": "BID",
"id": "66934"
}
],
"trust": 0.3
},
"cve": "CVE-2014-0778",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0778",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-02544",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "0f1d93f6-2352-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "7d742b41-463f-11e9-aaf2-000c29342cb1",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0778",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-0778",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2014-02544",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201404-388",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "0f1d93f6-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "7d742b41-463f-11e9-aaf2-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "0f1d93f6-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d742b41-463f-11e9-aaf2-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-02544"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002190"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-388"
},
{
"db": "NVD",
"id": "CVE-2014-0778"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The TCPUploader module in Progea Movicon 11.4 before 11.4.1150 allows remote attackers to obtain potentially sensitive version information via network traffic to TCP port 10651. Movicon is an industrial monitoring software developed by the Italian automation software provider PROGEA (Scada/HMI). Progea Movicon is prone to an information-disclosure vulnerability. \nAn attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. \nProgea Movicon 11.4 prior to Build 1150 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0778"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002190"
},
{
"db": "CNVD",
"id": "CNVD-2014-02544"
},
{
"db": "BID",
"id": "66934"
},
{
"db": "IVD",
"id": "0f1d93f6-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d742b41-463f-11e9-aaf2-000c29342cb1"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0778",
"trust": 3.7
},
{
"db": "ICS CERT",
"id": "ICSA-14-105-01",
"trust": 3.3
},
{
"db": "CNVD",
"id": "CNVD-2014-02544",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201404-388",
"trust": 1.0
},
{
"db": "BID",
"id": "66934",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002190",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "57980",
"trust": 0.6
},
{
"db": "IVD",
"id": "0F1D93F6-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "7D742B41-463F-11E9-AAF2-000C29342CB1",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "0f1d93f6-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d742b41-463f-11e9-aaf2-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-02544"
},
{
"db": "BID",
"id": "66934"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002190"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-388"
},
{
"db": "NVD",
"id": "CVE-2014-0778"
}
]
},
"id": "VAR-201404-0550",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "0f1d93f6-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d742b41-463f-11e9-aaf2-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-02544"
}
],
"trust": 1.65
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "0f1d93f6-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d742b41-463f-11e9-aaf2-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-02544"
}
]
},
"last_update_date": "2024-11-23T23:12:47.014000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.progea.com/"
},
{
"title": "Progea Movicon patch for information disclosure vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/45065"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-02544"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002190"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002190"
},
{
"db": "NVD",
"id": "CVE-2014-0778"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-14-105-01"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0778"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0778"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/57980"
},
{
"trust": 0.3,
"url": "http://www.progea.com/it-it/downloads/software.aspx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-02544"
},
{
"db": "BID",
"id": "66934"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002190"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-388"
},
{
"db": "NVD",
"id": "CVE-2014-0778"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "0f1d93f6-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d742b41-463f-11e9-aaf2-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-02544"
},
{
"db": "BID",
"id": "66934"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002190"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-388"
},
{
"db": "NVD",
"id": "CVE-2014-0778"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-04-21T00:00:00",
"db": "IVD",
"id": "0f1d93f6-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2014-04-21T00:00:00",
"db": "IVD",
"id": "7d742b41-463f-11e9-aaf2-000c29342cb1"
},
{
"date": "2014-04-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-02544"
},
{
"date": "2014-04-15T00:00:00",
"db": "BID",
"id": "66934"
},
{
"date": "2014-04-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002190"
},
{
"date": "2014-04-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201404-388"
},
{
"date": "2014-04-19T19:55:07.200000",
"db": "NVD",
"id": "CVE-2014-0778"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-04-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-02544"
},
{
"date": "2014-04-15T00:00:00",
"db": "BID",
"id": "66934"
},
{
"date": "2014-04-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002190"
},
{
"date": "2014-04-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201404-388"
},
{
"date": "2024-11-21T02:02:47.337000",
"db": "NVD",
"id": "CVE-2014-0778"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201404-388"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Progea Movicon Information Disclosure Vulnerability",
"sources": [
{
"db": "IVD",
"id": "0f1d93f6-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d742b41-463f-11e9-aaf2-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-02544"
}
],
"trust": 1.0
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201404-388"
}
],
"trust": 0.6
}
}
var-201109-0170
Vulnerability from variot
Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long request. When the software runs the project, it will listen to the 12233 port to process the special \"EIDP\" protocol, and submit a special \"EIDP\" message (the field is too large) through the WEB service to crash the service program. Movicon is an Italian HMI/SCADA software. When the software runs the project, it will listen to port 808 to receive the HTTP request. The server incorrectly processes the negative Content-Length field to trigger the heap-based buffer overflow. The memory can be destroyed by \"memcpy(heap_buffer, input, content_length_size)\". In addition, submitting an incoming HTTP request containing 8192 bytes can trigger a heap-based overflow. Movicon is prone to multiple heap-based buffer-overflow vulnerabilities and a denial-of-service vulnerability. Movicon 11.2 Build 1085 is vulnerable; other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201109-0170",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "movicon powerhmi",
"scope": "eq",
"trust": 1.6,
"vendor": "progea",
"version": "11"
},
{
"model": "movicon powerhmi",
"scope": "eq",
"trust": 1.6,
"vendor": "progea",
"version": "11.0.1017"
},
{
"model": "movicon build",
"scope": "eq",
"trust": 1.5,
"vendor": "progea",
"version": "11.21085"
},
{
"model": "movicon powerhmi",
"scope": "lte",
"trust": 1.0,
"vendor": "progea",
"version": "11.2.1085"
},
{
"model": "movicon powerhmi",
"scope": "eq",
"trust": 0.9,
"vendor": "progea",
"version": "11.2.1085"
},
{
"model": "movicon / powerhmi",
"scope": "lte",
"trust": 0.8,
"vendor": "progea srl",
"version": "11.2.1085"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.2.1085.4"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.2.1085.3"
},
{
"model": "movicon build",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.21084"
},
{
"model": "movicon",
"scope": "eq",
"trust": 0.3,
"vendor": "progea",
"version": "11.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "movicon powerhmi",
"version": "11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "movicon powerhmi",
"version": "11.0.1017"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "movicon powerhmi",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "a4e8acf2-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3663"
},
{
"db": "CNVD",
"id": "CNVD-2011-3661"
},
{
"db": "BID",
"id": "49605"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002268"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-271"
},
{
"db": "NVD",
"id": "CVE-2011-3498"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:progea:movicon_powerhmi",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002268"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Luigi Auriemma",
"sources": [
{
"db": "BID",
"id": "49605"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-188"
}
],
"trust": 0.9
},
"cve": "CVE-2011-3498",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2011-3498",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "a4e8acf2-2354-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-3498",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-3498",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201109-271",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "a4e8acf2-2354-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "a4e8acf2-2354-11e6-abef-000c29c66e3d"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002268"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-271"
},
{
"db": "NVD",
"id": "CVE-2011-3498"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long request. When the software runs the project, it will listen to the 12233 port to process the special \\\"EIDP\\\" protocol, and submit a special \\\"EIDP\\\" message (the field is too large) through the WEB service to crash the service program. Movicon is an Italian HMI/SCADA software. When the software runs the project, it will listen to port 808 to receive the HTTP request. The server incorrectly processes the negative Content-Length field to trigger the heap-based buffer overflow. The memory can be destroyed by \\\"memcpy(heap_buffer, input, content_length_size)\\\". In addition, submitting an incoming HTTP request containing 8192 bytes can trigger a heap-based overflow. Movicon is prone to multiple heap-based buffer-overflow vulnerabilities and a denial-of-service vulnerability. \nMovicon 11.2 Build 1085 is vulnerable; other versions may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-3498"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002268"
},
{
"db": "CNVD",
"id": "CNVD-2011-3663"
},
{
"db": "CNVD",
"id": "CNVD-2011-3661"
},
{
"db": "BID",
"id": "49605"
},
{
"db": "IVD",
"id": "a4e8acf2-2354-11e6-abef-000c29c66e3d"
}
],
"trust": 3.15
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-3498",
"trust": 2.9
},
{
"db": "ICS CERT ALERT",
"id": "ICS-ALERT-11-256-01",
"trust": 2.4
},
{
"db": "BID",
"id": "49605",
"trust": 2.1
},
{
"db": "CNNVD",
"id": "CNNVD-201109-271",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002268",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2011-3663",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2011-3661",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201109-188",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-11-294-01",
"trust": 0.3
},
{
"db": "IVD",
"id": "A4E8ACF2-2354-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "a4e8acf2-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3663"
},
{
"db": "CNVD",
"id": "CNVD-2011-3661"
},
{
"db": "BID",
"id": "49605"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002268"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-188"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-271"
},
{
"db": "NVD",
"id": "CVE-2011-3498"
}
]
},
"id": "VAR-201109-0170",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "a4e8acf2-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3663"
},
{
"db": "CNVD",
"id": "CNVD-2011-3661"
}
],
"trust": 2.05
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.4
}
],
"sources": [
{
"db": "IVD",
"id": "a4e8acf2-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3663"
},
{
"db": "CNVD",
"id": "CNVD-2011-3661"
}
]
},
"last_update_date": "2024-11-23T21:56:08.098000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.progea.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002268"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002268"
},
{
"db": "NVD",
"id": "CVE-2011-3498"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-256-01.pdf"
},
{
"trust": 1.9,
"url": "http://aluigi.altervista.org/adv/movicon_1-adv.txt"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69788"
},
{
"trust": 0.9,
"url": "http://aluigi.altervista.org/adv/movicon_3-adv.txt"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3498"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3498"
},
{
"trust": 0.6,
"url": "http://aluigi.altervista.org/adv/movicon_1-adv.txthttp"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/49605"
},
{
"trust": 0.3,
"url": "http://www.progea.com/"
},
{
"trust": 0.3,
"url": "http://aluigi.altervista.org/adv/movicon_2-adv.txt"
},
{
"trust": 0.3,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-11-294-01.pdf"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-3663"
},
{
"db": "CNVD",
"id": "CNVD-2011-3661"
},
{
"db": "BID",
"id": "49605"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002268"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-188"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-271"
},
{
"db": "NVD",
"id": "CVE-2011-3498"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "a4e8acf2-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3663"
},
{
"db": "CNVD",
"id": "CNVD-2011-3661"
},
{
"db": "BID",
"id": "49605"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002268"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-188"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-271"
},
{
"db": "NVD",
"id": "CVE-2011-3498"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-09-19T00:00:00",
"db": "IVD",
"id": "a4e8acf2-2354-11e6-abef-000c29c66e3d"
},
{
"date": "2011-09-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3663"
},
{
"date": "2011-09-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3661"
},
{
"date": "2011-09-13T00:00:00",
"db": "BID",
"id": "49605"
},
{
"date": "2011-09-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002268"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201109-188"
},
{
"date": "2011-09-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201109-271"
},
{
"date": "2011-09-16T17:26:14.810000",
"db": "NVD",
"id": "CVE-2011-3498"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-09-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3663"
},
{
"date": "2011-09-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3661"
},
{
"date": "2011-10-21T16:01:00",
"db": "BID",
"id": "49605"
},
{
"date": "2011-09-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002268"
},
{
"date": "2011-09-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201109-188"
},
{
"date": "2011-09-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201109-271"
},
{
"date": "2024-11-21T01:30:36.293000",
"db": "NVD",
"id": "CVE-2011-3498"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201109-188"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-271"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Progea Movicon/PowerHMI Heap Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "a4e8acf2-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-271"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "a4e8acf2-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-188"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-271"
}
],
"trust": 1.4
}
}
Vulnerability from fkie_nvd
Published
2017-10-19 23:29
Modified
2025-04-20 01:37
Severity ?
Summary
An Unquoted Search Path or Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An unquoted search path or element vulnerability has been identified, which may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate his or her privileges.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | http://www.securityfocus.com/bid/101483 | Third Party Advisory, VDB Entry | |
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-17-290-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/101483 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-17-290-01 | Third Party Advisory, US Government Resource |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:progea:movicon:11.5.1181:*:*:*:*:*:*:*",
"matchCriteriaId": "FD23F226-832B-4497-A5BE-68756D6414F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Unquoted Search Path or Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An unquoted search path or element vulnerability has been identified, which may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate his or her privileges."
},
{
"lang": "es",
"value": "Se ha descubierto un problema de elemento o ruta de b\u00fasqueda sin entrecomillar en Progea Movicon en la versi\u00f3n 11.5.1181 y anteriores. Se ha identificado una vulnerabilidad de elemento o ruta de b\u00fasqueda sin entrecomillar, lo que puede permitir que un usuario local autorizado inserte c\u00f3digo arbitrario en la ruta de servicio no entrecomillada y escale sus privilegios."
}
],
"id": "CVE-2017-14019",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-19T23:29:00.327",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101483"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-290-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101483"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-290-01"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-428"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-428"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-05-14 20:55
Modified
2025-04-11 00:51
Severity ?
Summary
The OPC server in Progea Movicon before 11.3 allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted HTTP request.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:progea:movicon:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE210DF7-652A-4882-BA2C-528B0CFC96C8",
"versionEndIncluding": "11.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The OPC server in Progea Movicon before 11.3 allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted HTTP request."
},
{
"lang": "es",
"value": "El servidor OPC en Progea Movicon anterior a v11.3 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (fuera de los l\u00edmites de lectura y corrupci\u00f3n de memoria) a trav\u00e9s de una petici\u00f3n HTTP manipulada"
}
],
"id": "CVE-2012-1804",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-05-14T20:55:01.417",
"references": [
{
"source": "cret@cert.org",
"url": "http://osvdb.org/81814"
},
{
"source": "cret@cert.org",
"url": "http://secunia.com/advisories/49092"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/bid/53484"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-131-01.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/81814"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/49092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/53484"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-131-01.pdf"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-19 23:29
Modified
2025-04-20 01:37
Severity ?
Summary
An Uncontrolled Search Path Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An uncontrolled search path element vulnerability has been identified, which may allow a remote attacker without privileges to execute arbitrary code in the form of a malicious DLL file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | http://www.securityfocus.com/bid/101483 | Third Party Advisory, VDB Entry | |
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-17-290-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/101483 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-17-290-01 | Third Party Advisory, US Government Resource |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:progea:movicon:*:*:*:*:*:*:*:*",
"matchCriteriaId": "877BEABC-BB29-45FF-96BF-354EA88E6DBE",
"versionEndIncluding": "11.5.1181",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Uncontrolled Search Path Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An uncontrolled search path element vulnerability has been identified, which may allow a remote attacker without privileges to execute arbitrary code in the form of a malicious DLL file."
},
{
"lang": "es",
"value": "Existe un problema de elemento de ruta de b\u00fasqueda no controlado en Progea Movicon en la versi\u00f3n 11.5.1181 y anteriores. Se ha identificado una vulnerabilidad de elemento de ruta de b\u00fasqueda no controlado, lo que podr\u00eda permitir que un atacante remoto sin privilegios ejecute c\u00f3digo arbitrario mediante un archivo DLL malicioso."
}
],
"id": "CVE-2017-14017",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-19T23:29:00.280",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101483"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-290-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101483"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-290-01"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-04-19 19:55
Modified
2025-09-24 22:15
Severity ?
Summary
TCPUploader module listens on Port 10651/TCP for incoming connections.
Exploitation of this vulnerability could allow a remote unauthenticated
user access to release OS version information. While this is a minor
vulnerability, it represents a method for further network
reconnaissance.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:progea:movicon:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CF66CD14-C48F-4828-940E-81D067D9C11F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TCPUploader module listens on Port 10651/TCP for incoming connections. \nExploitation of this vulnerability could allow a remote unauthenticated \nuser access to release OS version information. While this is a minor \nvulnerability, it represents a method for further network \nreconnaissance."
},
{
"lang": "es",
"value": "El m\u00f3dulo TCPUploader en Progea Movicon 11.4 anterior a 11.4.1150 permite a atacantes remotos obtener informaci\u00f3n de versi\u00f3n potencialmente sensible a trav\u00e9s de trafico de red hacia puerto TCP 10651."
}
],
"id": "CVE-2014-0778",
"lastModified": "2025-09-24T22:15:34.967",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"userInteractionRequired": false
},
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-04-19T19:55:07.200",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"url": "http://www.progea.com/it-it/downloads/software.aspx"
},
{
"source": "ics-cert@hq.dhs.gov",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-105-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-105-01"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-07-29 19:55
Modified
2025-04-11 00:51
Severity ?
Summary
TCPUploadServer.exe in Progea Movicon 11.2 before Build 1084 does not require authentication for critical functions, which allows remote attackers to obtain sensitive information, delete files, execute arbitrary programs, or cause a denial of service (crash) via a crafted packet to TCP port 10651.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:progea:movicon:11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F069B966-A2DB-46A4-AC2A-A5E1628B5678",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TCPUploadServer.exe in Progea Movicon 11.2 before Build 1084 does not require authentication for critical functions, which allows remote attackers to obtain sensitive information, delete files, execute arbitrary programs, or cause a denial of service (crash) via a crafted packet to TCP port 10651."
},
{
"lang": "es",
"value": "TCPUploadServer.exe en Progea Movicon v11.2 antes de Build1084 no requiere autenticaci\u00f3n para funciones cr\u00edticas, lo que permite a atacantes remotos obtener informaci\u00f3n sensible, borrar archivos, ejecutar programas de su elecci\u00f3n o causar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) mediante un paquete debidamente modificado contra el puerto TCP 10651."
}
],
"id": "CVE-2011-2963",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-07-29T19:55:04.437",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/17034"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/72888"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/46907"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-056-01.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-056-01A.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/17034"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/72888"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/46907"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-056-01.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-056-01A.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}