cnvd - cnvd-2018-06521

cnvd-2018-06521

Vulnerability from cnvd

Title: Schneider Electric多款产品堆栈缓冲区溢出漏洞

Description:

Schneider Electric Modicon Premium\Modicon Quantum\Modicon M340\Modicon BMXNOR0200都是法国施耐德电气（Schneider Electric）公司的可编程控制器产品。

Schneider Electric多款产品存在堆栈缓冲区溢出漏洞，该漏洞源于FTP服务器未限制命令参数的长度，这可能会导致缓冲区溢出。

Severity: 中

Formal description:

目前没有详细的解决方案提供： https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/

Reference: https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01

Impacted products

Name
['Schneider Electric Modicon Premium', 'Schneider Electric Modicon Quantum', 'Schneider Electric Modicon M340', 'Schneider Electric Modicon X80 RTU (BMXNOR0200H)']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-7240"
    }
  },
  "description": "Schneider Electric Modicon Premium\\Modicon Quantum\\Modicon M340\\Modicon BMXNOR0200\u90fd\u662f\u6cd5\u56fd\u65bd\u8010\u5fb7\u7535\u6c14\uff08Schneider Electric\uff09\u516c\u53f8\u7684\u53ef\u7f16\u7a0b\u63a7\u5236\u5668\u4ea7\u54c1\u3002 \r\n\r\nSchneider Electric\u591a\u6b3e\u4ea7\u54c1\u5b58\u5728\u5806\u6808\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eFTP\u670d\u52a1\u5668\u672a\u9650\u5236\u547d\u4ee4\u53c2\u6570\u7684\u957f\u5ea6\uff0c\u8fd9\u53ef\u80fd\u4f1a\u5bfc\u81f4\u7f13\u51b2\u533a\u6ea2\u51fa\u3002",
  "discovererName": "Nikita Maximov\uff0cAlexey Stennikov\u548cKirill Chernyshov",
  "formalWay": "\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u89e3\u51b3\u65b9\u6848\u63d0\u4f9b\uff1a\r\nhttps://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-06521",
  "openTime": "2018-03-28",
  "products": {
    "product": [
      "Schneider Electric Modicon Premium",
      "Schneider Electric Modicon Quantum",
      "Schneider Electric Modicon M340",
      "Schneider Electric Modicon X80 RTU (BMXNOR0200H)"
    ]
  },
  "referenceLink": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01",
  "serverity": "\u4e2d",
  "submitTime": "2018-03-28",
  "title": "Schneider Electric\u591a\u6b3e\u4ea7\u54c1\u5806\u6808\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}

CVE-2018-7240 (GCVE-0-2018-7240)

Vulnerability from cvelistv5

Published

2018-04-18 20:00

Modified

2024-08-05 06:24

Severity ?

CWE

Arbritrary Code Execution

Summary

A vulnerability exists in Schneider Electric's Modicon Quantum in all versions of the communication modules which could allow arbitrary code execution. An FTP command used to upgrade the firmware of the module can be misused to cause a denial of service, or in extreme cases, to load a malicious firmware.

References

▼	URL	Tags
	https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/103541	vdb-entry, x_refsource_BID
	https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Schneider Electric SE	Modicon Quantum	Version: All versions of Modicon Quantum communication modules

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:24:11.250Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/"
          },
          {
            "name": "103541",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/103541"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon Quantum",
          "vendor": "Schneider Electric SE",
          "versions": [
            {
              "status": "affected",
              "version": "All versions of Modicon Quantum communication modules"
            }
          ]
        }
      ],
      "datePublic": "2018-03-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability exists in Schneider Electric\u0027s Modicon Quantum in all versions of the communication modules which could allow arbitrary code execution. An FTP command used to upgrade the firmware of the module can be misused to cause a denial of service, or in extreme cases, to load a malicious firmware."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Arbritrary Code Execution",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-04-20T19:57:01",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/"
        },
        {
          "name": "103541",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/103541"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2018-7240",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Modicon Quantum",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions of Modicon Quantum communication modules"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Schneider Electric SE"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability exists in Schneider Electric\u0027s Modicon Quantum in all versions of the communication modules which could allow arbitrary code execution. An FTP command used to upgrade the firmware of the module can be misused to cause a denial of service, or in extreme cases, to load a malicious firmware."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Arbritrary Code Execution"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/",
              "refsource": "CONFIRM",
              "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/"
            },
            {
              "name": "103541",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/103541"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2018-7240",
    "datePublished": "2018-04-18T20:00:00",
    "dateReserved": "2018-02-19T00:00:00",
    "dateUpdated": "2024-08-05T06:24:11.250Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted