cvelistv5 - CVE-2017-7967

CVE-2017-7967 (GCVE-0-2017-7967)

Vulnerability from cvelistv5

Published

2017-05-09 17:00

Modified

2024-08-05 16:19

Severity ?

CWE

Memory Corruption

Summary

References

URL

	Vendor	Product	Version
	Schneider Electric SE	VAMPSET	Version: All versions prior to 2.2.189

ICSA-17-136-04

Vulnerability from csaf_cisa

Published

2017-05-16 00:00

Modified

2017-05-16 00:00

Summary

Schneider Electric VAMPSET

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

ATTENTION: Low skill level to exploit.

Critical infrastructure sectors

Energy

Countries/areas deployed

Worldwide

Company headquarters location

France

Recommended Practices

ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available in the ICS -CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.

Recommended Practices

Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.

Exploitability

No known public exploits specifically target this vulnerability. This vulnerability is not remotely exploitable.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Kushal Arvind Shah"
        ],
        "organization": "Fortinet\u0027s Fortiguard Labs",
        "summary": "reporting this vulnerability directly to Schneider Electric"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "ATTENTION: Low skill level to exploit.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Energy",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "France",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available in the ICS -CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target this vulnerability. This vulnerability is not remotely exploitable.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-136-04 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2017/icsa-17-136-04.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-136-04 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-136-04"
      }
    ],
    "title": "Schneider Electric VAMPSET",
    "tracking": {
      "current_release_date": "2017-05-16T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-17-136-04",
      "initial_release_date": "2017-05-16T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2017-05-16T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-17-136-04 Schneider Electric VAMPSET"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c 2.2.189",
                "product": {
                  "name": "VAMPSET: versions prior to v2.2.189",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "VAMPSET"
          }
        ],
        "category": "vendor",
        "name": "Schneider Electric Software, LLC"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-7967",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "VAMPSET is susceptible to a memory corruption vulnerability when a corrupted settings file is loaded. This vulnerability causes the software to halt or not start when trying to open the corrupted file.CVE-2017-7967 has been assigned to this vulnerability. A CVSS v3 base score of 5.6 has been assigned; the CVSS vector string is (AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7967"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Schneider Electric has updated the VAMPSET tool in order to recognize malformed setting files. A new version of firmware with the fix for this vulnerability is available for download at the following location:",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "http://www.schneider-electric.com/en/download/document/VAMPSET_v2.2.191/"
        },
        {
          "category": "vendor_fix",
          "details": "After the new version of firmware is installed, when a malformed file is loaded VAMPSET will remain operational and report to the user: \u201cCannot open file.\u201d",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Schneider Electric has issued Security Notification SEVD-2017-061-01, which contains additional information:",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "http://www.schneider-electric.com/en/download/document/SEVD-2017-061-01/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    }
  ]
}

icsa-17-136-04

Vulnerability from csaf_cisa

Published

2017-05-16 00:00

Modified

2017-05-16 00:00

Summary

Schneider Electric VAMPSET

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

Risk evaluation

ATTENTION: Low skill level to exploit.

Critical infrastructure sectors

Energy

Countries/areas deployed

Worldwide

Company headquarters location

France

Recommended Practices

ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

Exploitability

No known public exploits specifically target this vulnerability. This vulnerability is not remotely exploitable.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Kushal Arvind Shah"
        ],
        "organization": "Fortinet\u0027s Fortiguard Labs",
        "summary": "reporting this vulnerability directly to Schneider Electric"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "ATTENTION: Low skill level to exploit.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Energy",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "France",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available in the ICS -CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target this vulnerability. This vulnerability is not remotely exploitable.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-136-04 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2017/icsa-17-136-04.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-136-04 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-136-04"
      }
    ],
    "title": "Schneider Electric VAMPSET",
    "tracking": {
      "current_release_date": "2017-05-16T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-17-136-04",
      "initial_release_date": "2017-05-16T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2017-05-16T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-17-136-04 Schneider Electric VAMPSET"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c 2.2.189",
                "product": {
                  "name": "VAMPSET: versions prior to v2.2.189",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "VAMPSET"
          }
        ],
        "category": "vendor",
        "name": "Schneider Electric Software, LLC"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-7967",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "VAMPSET is susceptible to a memory corruption vulnerability when a corrupted settings file is loaded. This vulnerability causes the software to halt or not start when trying to open the corrupted file.CVE-2017-7967 has been assigned to this vulnerability. A CVSS v3 base score of 5.6 has been assigned; the CVSS vector string is (AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7967"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Schneider Electric has updated the VAMPSET tool in order to recognize malformed setting files. A new version of firmware with the fix for this vulnerability is available for download at the following location:",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "http://www.schneider-electric.com/en/download/document/VAMPSET_v2.2.191/"
        },
        {
          "category": "vendor_fix",
          "details": "After the new version of firmware is installed, when a malformed file is loaded VAMPSET will remain operational and report to the user: \u201cCannot open file.\u201d",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Schneider Electric has issued Security Notification SEVD-2017-061-01, which contains additional information:",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "http://www.schneider-electric.com/en/download/document/SEVD-2017-061-01/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    }
  ]
}

gsd-2017-7967

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2017-7967

Aliases

CVE-2017-7967

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-7967",
    "description": "All versions of VAMPSET software produced by Schneider Electric, prior to V2.2.189, are susceptible to a memory corruption vulnerability when a corrupted vf2 file is used. This vulnerability causes the software to halt or not start when trying to open the corrupted file. This vulnerability occurs when fill settings are intentionally malformed and is opened in a standalone state, without connection to a protection relay. This attack is not considered to be remotely exploitable. This vulnerability has no effect on the operation of the protection relay to which VAMPSET is connected. As Windows operating system remains operational and VAMPSET responds, it is able to be shut down through its normal closing protocol.",
    "id": "GSD-2017-7967"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-7967"
      ],
      "details": "All versions of VAMPSET software produced by Schneider Electric, prior to V2.2.189, are susceptible to a memory corruption vulnerability when a corrupted vf2 file is used. This vulnerability causes the software to halt or not start when trying to open the corrupted file. This vulnerability occurs when fill settings are intentionally malformed and is opened in a standalone state, without connection to a protection relay. This attack is not considered to be remotely exploitable. This vulnerability has no effect on the operation of the protection relay to which VAMPSET is connected. As Windows operating system remains operational and VAMPSET responds, it is able to be shut down through its normal closing protocol.",
      "id": "GSD-2017-7967",
      "modified": "2023-12-13T01:21:06.420684Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cybersecurity@schneider-electric.com",
        "ID": "CVE-2017-7967",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "VAMPSET",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions prior to 2.2.189"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Schneider Electric SE"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "All versions of VAMPSET software produced by Schneider Electric, prior to V2.2.189, are susceptible to a memory corruption vulnerability when a corrupted vf2 file is used. This vulnerability causes the software to halt or not start when trying to open the corrupted file. This vulnerability occurs when fill settings are intentionally malformed and is opened in a standalone state, without connection to a protection relay. This attack is not considered to be remotely exploitable. This vulnerability has no effect on the operation of the protection relay to which VAMPSET is connected. As Windows operating system remains operational and VAMPSET responds, it is able to be shut down through its normal closing protocol."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Memory Corruption"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "97124",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/97124"
          },
          {
            "name": "http://www.schneider-electric.com/en/download/document/SEVD-2017-061-01/",
            "refsource": "CONFIRM",
            "url": "http://www.schneider-electric.com/en/download/document/SEVD-2017-061-01/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:schneider-electric:vampset:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.2.185",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2017-7967"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "All versions of VAMPSET software produced by Schneider Electric, prior to V2.2.189, are susceptible to a memory corruption vulnerability when a corrupted vf2 file is used. This vulnerability causes the software to halt or not start when trying to open the corrupted file. This vulnerability occurs when fill settings are intentionally malformed and is opened in a standalone state, without connection to a protection relay. This attack is not considered to be remotely exploitable. This vulnerability has no effect on the operation of the protection relay to which VAMPSET is connected. As Windows operating system remains operational and VAMPSET responds, it is able to be shut down through its normal closing protocol."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.schneider-electric.com/en/download/document/SEVD-2017-061-01/",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.schneider-electric.com/en/download/document/SEVD-2017-061-01/"
            },
            {
              "name": "97124",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/97124"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2017-05-23T01:29Z",
      "publishedDate": "2017-05-09T17:29Z"
    }
  }
}

var-201705-3750

Vulnerability from variot

All versions of VAMPSET software produced by Schneider Electric, prior to V2.2.189, are susceptible to a memory corruption vulnerability when a corrupted vf2 file is used. This vulnerability causes the software to halt or not start when trying to open the corrupted file. This vulnerability occurs when fill settings are intentionally malformed and is opened in a standalone state, without connection to a protection relay. This attack is not considered to be remotely exploitable. This vulnerability has no effect on the operation of the protection relay to which VAMPSET is connected. As Windows operating system remains operational and VAMPSET responds, it is able to be shut down through its normal closing protocol. Schneider Electric VAMPSET Software contains a buffer error vulnerability.Denial of service (DoS) May be in a state. Schneider Electric VAMPSET is a software company from Schneider Electric, France, deployed in the energy industry to configure and maintain multiple relays and arc monitors. An attacker could exploit this vulnerability to execute arbitrary code in the context of the user running the affected application. Lead to a denial of service condition. Failed exploit attempts will likely cause denial-of-service conditions

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201705-3750",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "vampset",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "schneider electric",
        "version": "2.2.185"
      },
      {
        "model": "vampset",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "schneider electric",
        "version": "2.2.189"
      },
      {
        "model": "electric vampset",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "schneider",
        "version": "v2.2.189"
      },
      {
        "model": "electric vampset",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "schneider",
        "version": "2.2.145"
      },
      {
        "model": "electric vampset",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "schneider",
        "version": "2.2.136"
      },
      {
        "model": "vampset",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "schneider electric",
        "version": "2.2.185"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "vampset",
        "version": "*"
      },
      {
        "model": "vampset",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "schneider electric",
        "version": "2.2.145"
      },
      {
        "model": "vampset",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "schneider electric",
        "version": "2.2.136"
      },
      {
        "model": "vampset",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "schneider electric",
        "version": "2.2.189"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "89ad9c93-eb8e-463a-8758-eb5258ca9069"
      },
      {
        "db": "IVD",
        "id": "753ccabe-b440-4a3a-a6ad-9bb292467d05"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06423"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-05641"
      },
      {
        "db": "BID",
        "id": "97124"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003998"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-901"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7967"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:schneider_electric:vampset",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003998"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Kushal Arvind Shah from Fortinet\u0027s Fortiguard Labs.",
    "sources": [
      {
        "db": "BID",
        "id": "97124"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2017-7967",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2017-7967",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 1.8,
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "SINGLE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 5.7,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.1,
            "id": "CNVD-2017-06423",
            "impactScore": 8.5,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.4,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.4,
            "id": "CNVD-2017-05641",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 5.7,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.1,
            "id": "89ad9c93-eb8e-463a-8758-eb5258ca9069",
            "impactScore": 8.5,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.4,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.4,
            "id": "753ccabe-b440-4a3a-a6ad-9bb292467d05",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "VHN-116170",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 1.8,
            "id": "CVE-2017-7967",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-7967",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-7967",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-06423",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-05641",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201704-901",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "IVD",
            "id": "89ad9c93-eb8e-463a-8758-eb5258ca9069",
            "trust": 0.2,
            "value": "LOW"
          },
          {
            "author": "IVD",
            "id": "753ccabe-b440-4a3a-a6ad-9bb292467d05",
            "trust": 0.2,
            "value": "LOW"
          },
          {
            "author": "VULHUB",
            "id": "VHN-116170",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "89ad9c93-eb8e-463a-8758-eb5258ca9069"
      },
      {
        "db": "IVD",
        "id": "753ccabe-b440-4a3a-a6ad-9bb292467d05"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06423"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-05641"
      },
      {
        "db": "VULHUB",
        "id": "VHN-116170"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003998"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-901"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7967"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "All versions of VAMPSET software produced by Schneider Electric, prior to V2.2.189, are susceptible to a memory corruption vulnerability when a corrupted vf2 file is used. This vulnerability causes the software to halt or not start when trying to open the corrupted file. This vulnerability occurs when fill settings are intentionally malformed and is opened in a standalone state, without connection to a protection relay. This attack is not considered to be remotely exploitable. This vulnerability has no effect on the operation of the protection relay to which VAMPSET is connected. As Windows operating system remains operational and VAMPSET responds, it is able to be shut down through its normal closing protocol. Schneider Electric VAMPSET Software contains a buffer error vulnerability.Denial of service (DoS) May be in a state. Schneider Electric VAMPSET is a software company from Schneider Electric, France, deployed in the energy industry to configure and maintain multiple relays and arc monitors. An attacker could exploit this vulnerability to execute arbitrary code in the context of the user running the affected application. Lead to a denial of service condition. Failed exploit attempts will likely cause denial-of-service conditions",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-7967"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003998"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06423"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-05641"
      },
      {
        "db": "BID",
        "id": "97124"
      },
      {
        "db": "IVD",
        "id": "89ad9c93-eb8e-463a-8758-eb5258ca9069"
      },
      {
        "db": "IVD",
        "id": "753ccabe-b440-4a3a-a6ad-9bb292467d05"
      },
      {
        "db": "VULHUB",
        "id": "VHN-116170"
      }
    ],
    "trust": 3.42
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-7967",
        "trust": 3.8
      },
      {
        "db": "SCHNEIDER",
        "id": "SEVD-2017-061-01",
        "trust": 2.6
      },
      {
        "db": "BID",
        "id": "97124",
        "trust": 2.0
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-901",
        "trust": 1.1
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06423",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-05641",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003998",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-17-136-04",
        "trust": 0.3
      },
      {
        "db": "IVD",
        "id": "89AD9C93-EB8E-463A-8758-EB5258CA9069",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "753CCABE-B440-4A3A-A6AD-9BB292467D05",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-116170",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "89ad9c93-eb8e-463a-8758-eb5258ca9069"
      },
      {
        "db": "IVD",
        "id": "753ccabe-b440-4a3a-a6ad-9bb292467d05"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06423"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-05641"
      },
      {
        "db": "VULHUB",
        "id": "VHN-116170"
      },
      {
        "db": "BID",
        "id": "97124"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003998"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-901"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7967"
      }
    ]
  },
  "id": "VAR-201705-3750",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "89ad9c93-eb8e-463a-8758-eb5258ca9069"
      },
      {
        "db": "IVD",
        "id": "753ccabe-b440-4a3a-a6ad-9bb292467d05"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06423"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-05641"
      },
      {
        "db": "VULHUB",
        "id": "VHN-116170"
      }
    ],
    "trust": 2.521428565
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.6
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "89ad9c93-eb8e-463a-8758-eb5258ca9069"
      },
      {
        "db": "IVD",
        "id": "753ccabe-b440-4a3a-a6ad-9bb292467d05"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06423"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-05641"
      }
    ]
  },
  "last_update_date": "2024-11-23T23:09:02.853000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SEVD-2017-061-01",
        "trust": 0.8,
        "url": "http://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Id=7289882651\u0026p_File_Name=SEVD-2017-061-01+VAMPSET.pdf\u0026p_Reference=SEVD-2017-061-01"
      },
      {
        "title": "Schneider Electric VAMPSET Memory Corruption Vulnerability Patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/93552"
      },
      {
        "title": "Schneider Electric VAMPSET Patch for Local Memory Corruption Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/92942"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-06423"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-05641"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003998"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-116170"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003998"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7967"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.6,
        "url": "http://www.schneider-electric.com/en/download/document/sevd-2017-061-01/"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/97124"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7967"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-7967"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/97124/info"
      },
      {
        "trust": 0.3,
        "url": "http://www.schneider-electric.com/products/ww/en/"
      },
      {
        "trust": 0.3,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-136-04"
      },
      {
        "trust": 0.3,
        "url": "http://download.schneider-electric.com/files?p_endoctype=technical+leaflet\u0026p_file_id=6595887732\u0026p_file_name=sevd-2017-061-01+vampset.pdf\u0026p_reference=sevd-2017-061-01"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-06423"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-05641"
      },
      {
        "db": "VULHUB",
        "id": "VHN-116170"
      },
      {
        "db": "BID",
        "id": "97124"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003998"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-901"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7967"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "89ad9c93-eb8e-463a-8758-eb5258ca9069"
      },
      {
        "db": "IVD",
        "id": "753ccabe-b440-4a3a-a6ad-9bb292467d05"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06423"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-05641"
      },
      {
        "db": "VULHUB",
        "id": "VHN-116170"
      },
      {
        "db": "BID",
        "id": "97124"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003998"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-901"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7967"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-05-13T00:00:00",
        "db": "IVD",
        "id": "89ad9c93-eb8e-463a-8758-eb5258ca9069"
      },
      {
        "date": "2017-04-29T00:00:00",
        "db": "IVD",
        "id": "753ccabe-b440-4a3a-a6ad-9bb292467d05"
      },
      {
        "date": "2017-05-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-06423"
      },
      {
        "date": "2017-04-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-05641"
      },
      {
        "date": "2017-05-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-116170"
      },
      {
        "date": "2017-03-02T00:00:00",
        "db": "BID",
        "id": "97124"
      },
      {
        "date": "2017-06-13T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-003998"
      },
      {
        "date": "2017-04-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201704-901"
      },
      {
        "date": "2017-05-09T17:29:00.213000",
        "db": "NVD",
        "id": "CVE-2017-7967"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-05-14T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-06423"
      },
      {
        "date": "2017-04-29T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-05641"
      },
      {
        "date": "2017-05-23T00:00:00",
        "db": "VULHUB",
        "id": "VHN-116170"
      },
      {
        "date": "2017-05-23T16:26:00",
        "db": "BID",
        "id": "97124"
      },
      {
        "date": "2017-06-13T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-003998"
      },
      {
        "date": "2017-05-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201704-901"
      },
      {
        "date": "2024-11-21T03:33:03.883000",
        "db": "NVD",
        "id": "CVE-2017-7967"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "97124"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-901"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Schneider Electric VAMPSET Local Memory Corruption Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "753ccabe-b440-4a3a-a6ad-9bb292467d05"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-05641"
      },
      {
        "db": "BID",
        "id": "97124"
      }
    ],
    "trust": 1.1
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer overflow",
    "sources": [
      {
        "db": "IVD",
        "id": "89ad9c93-eb8e-463a-8758-eb5258ca9069"
      },
      {
        "db": "IVD",
        "id": "753ccabe-b440-4a3a-a6ad-9bb292467d05"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-901"
      }
    ],
    "trust": 1.0
  }
}

ghsa-m34p-hw58-6hwf

Vulnerability from github

Published

2022-05-17 02:44

Modified

2025-04-20 03:37

Severity ?

5.5 (Medium) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-7967"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-05-09T17:29:00Z",
    "severity": "MODERATE"
  },
  "details": "All versions of VAMPSET software produced by Schneider Electric, prior to V2.2.189, are susceptible to a memory corruption vulnerability when a corrupted vf2 file is used. This vulnerability causes the software to halt or not start when trying to open the corrupted file. This vulnerability occurs when fill settings are intentionally malformed and is opened in a standalone state, without connection to a protection relay. This attack is not considered to be remotely exploitable. This vulnerability has no effect on the operation of the protection relay to which VAMPSET is connected. As Windows operating system remains operational and VAMPSET responds, it is able to be shut down through its normal closing protocol.",
  "id": "GHSA-m34p-hw58-6hwf",
  "modified": "2025-04-20T03:37:21Z",
  "published": "2022-05-17T02:44:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7967"
    },
    {
      "type": "WEB",
      "url": "http://www.schneider-electric.com/en/download/document/SEVD-2017-061-01"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/97124"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

cnvd-2017-06423

Vulnerability from cnvd

Title

Schneider Electric VAMPSET内存破坏漏洞

Description

Schneider Electric VAMPSET是法国施耐德电气（Schneider Electric）公司的一套部署在能源行业中的用于配置和维护多个继电器和电弧监控器的软件。 Schneider Electric VAMPSET V2.2.189版本中存在内存破坏漏洞。通过损坏的vf2文件，攻击者可利用漏洞导致软件停止运行或无法启动。

Severity

中

Patch Name

Schneider Electric VAMPSET内存破坏漏洞的补丁

Patch Description

Formal description

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接: http://www.schneider-electric.com/en/download/document/SEVD-2017-061-01/

Reference

http://www.schneider-electric.com/en/download/document/SEVD-2017-061-01/

Impacted products

Name
Schneider Electric VAMPSET V2.2.189

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-7967",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7967"
    }
  },
  "description": "Schneider Electric VAMPSET\u662f\u6cd5\u56fd\u65bd\u8010\u5fb7\u7535\u6c14\uff08Schneider Electric\uff09\u516c\u53f8\u7684\u4e00\u5957\u90e8\u7f72\u5728\u80fd\u6e90\u884c\u4e1a\u4e2d\u7684\u7528\u4e8e\u914d\u7f6e\u548c\u7ef4\u62a4\u591a\u4e2a\u7ee7\u7535\u5668\u548c\u7535\u5f27\u76d1\u63a7\u5668\u7684\u8f6f\u4ef6\u3002\r\n\r\nSchneider Electric VAMPSET V2.2.189\u7248\u672c\u4e2d\u5b58\u5728\u5185\u5b58\u7834\u574f\u6f0f\u6d1e\u3002\u901a\u8fc7\u635f\u574f\u7684vf2\u6587\u4ef6\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u5bfc\u81f4\u8f6f\u4ef6\u505c\u6b62\u8fd0\u884c\u6216\u65e0\u6cd5\u542f\u52a8\u3002",
  "discovererName": "unknown",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5:\r\nhttp://www.schneider-electric.com/en/download/document/SEVD-2017-061-01/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-06423",
  "openTime": "2017-05-13",
  "patchDescription": "Schneider Electric VAMPSET\u662f\u6cd5\u56fd\u65bd\u8010\u5fb7\u7535\u6c14\uff08Schneider Electric\uff09\u516c\u53f8\u7684\u4e00\u5957\u90e8\u7f72\u5728\u80fd\u6e90\u884c\u4e1a\u4e2d\u7684\u7528\u4e8e\u914d\u7f6e\u548c\u7ef4\u62a4\u591a\u4e2a\u7ee7\u7535\u5668\u548c\u7535\u5f27\u76d1\u63a7\u5668\u7684\u8f6f\u4ef6\u3002\r\n\r\nSchneider Electric VAMPSET V2.2.189\u7248\u672c\u4e2d\u5b58\u5728\u5185\u5b58\u7834\u574f\u6f0f\u6d1e\u3002\u901a\u8fc7\u635f\u574f\u7684vf2\u6587\u4ef6\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u5bfc\u81f4\u8f6f\u4ef6\u505c\u6b62\u8fd0\u884c\u6216\u65e0\u6cd5\u542f\u52a8\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Schneider Electric VAMPSET\u5185\u5b58\u7834\u574f\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Schneider Electric VAMPSET V2.2.189"
  },
  "referenceLink": "http://www.schneider-electric.com/en/download/document/SEVD-2017-061-01/",
  "serverity": "\u4e2d",
  "submitTime": "2017-05-11",
  "title": "Schneider Electric VAMPSET\u5185\u5b58\u7834\u574f\u6f0f\u6d1e"
}

fkie_cve-2017-7967

Vulnerability from fkie_nvd

Published

2017-05-09 17:29

Modified

2025-04-20 01:37

Severity ?

5.5 (Medium) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
cybersecurity@se.com	http://www.schneider-electric.com/en/download/document/SEVD-2017-061-01/	Vendor Advisory
cybersecurity@se.com	http://www.securityfocus.com/bid/97124
af854a3a-2127-422b-91ae-364da2661108	http://www.schneider-electric.com/en/download/document/SEVD-2017-061-01/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/97124

Impacted products

	Vendor	Product	Version
	schneider-electric	vampset	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:schneider-electric:vampset:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D951553D-F5C3-4853-AE08-155B5EE0AC99",
              "versionEndIncluding": "2.2.185",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "All versions of VAMPSET software produced by Schneider Electric, prior to V2.2.189, are susceptible to a memory corruption vulnerability when a corrupted vf2 file is used. This vulnerability causes the software to halt or not start when trying to open the corrupted file. This vulnerability occurs when fill settings are intentionally malformed and is opened in a standalone state, without connection to a protection relay. This attack is not considered to be remotely exploitable. This vulnerability has no effect on the operation of the protection relay to which VAMPSET is connected. As Windows operating system remains operational and VAMPSET responds, it is able to be shut down through its normal closing protocol."
    },
    {
      "lang": "es",
      "value": "Todas las versiones del software VAMPSET producido por Schneider Electric, anteriores a versi\u00f3n 2.2.189, son susceptibles a una vulnerabilidad de corrupci\u00f3n de memoria cuando se utiliza un archivo vf2 corrupto. Esta vulnerabilidad causa que el software se detenga o no se inicie al intentar abrir el archivo corrupto. Esta vulnerabilidad se produce cuando la configuraci\u00f3n de llenado est\u00e1 malformada intencionalmente y se abre en un estado independiente, sin conexi\u00f3n a un rel\u00e9 de protecci\u00f3n. Este ataque no se considera que sea explotable remotamente. Esta vulnerabilidad no tiene ning\u00fan efecto en la operaci\u00f3n del rel\u00e9 de protecci\u00f3n al que est\u00e1 conectado VAMPSET. A medida que el sistema operativo Windows se mantiene trabajando y VAMPSET responde, es capaz de apagarse por medio de su protocolo de cierre normal."
    }
  ],
  "id": "CVE-2017-7967",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-05-09T17:29:00.213",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.schneider-electric.com/en/download/document/SEVD-2017-061-01/"
    },
    {
      "source": "cybersecurity@se.com",
      "url": "http://www.securityfocus.com/bid/97124"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.schneider-electric.com/en/download/document/SEVD-2017-061-01/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/97124"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2017-7967 (GCVE-0-2017-7967)

Vulnerability from cvelistv5

ICSA-17-136-04

Vulnerability from csaf_cisa

icsa-17-136-04

Vulnerability from csaf_cisa

gsd-2017-7967

Vulnerability from gsd

var-201705-3750

Vulnerability from variot

ghsa-m34p-hw58-6hwf

Vulnerability from github

cnvd-2017-06423

Vulnerability from cnvd

fkie_cve-2017-7967

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature