var-201503-0335
Vulnerability from variot
Untrusted search path vulnerability in the Clean Utility application in Rockwell Automation FactoryTalk Services Platform before 2.71.00 and FactoryTalk View Studio 8.00.00 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. Supplementary information : CWE Vulnerability type by CWE-426: Untrusted Search Path ( Unreliable search path ) Has been identified. http://cwe.mitre.org/data/definitions/426.htmlLocal users can detect Trojans in unspecified directories DLL You may get permission through. The FactoryTalk Services Platform provides routine services (such as diagnostics, health monitoring services, and real-time data access) for products and applications in the FactoryTalk system. FactoryTalk View Studio is a configuration software for developing or testing machine-level or monitoring management-level Human Machine Interface (HMI) applications. Multiple native code execution vulnerabilities exist in multiple Rockwell Automation product DLL loads. An attacker can exploit arbitrary exploits and system privileges to execute arbitrary code. Failed attempts may lead to denial-of-service conditions. The following products are affected: FactoryTalk Services Platform prior to 2.71.00 FactoryTalk View Studio versions 8.00.00 and prior. A local attacker can use the Trojan horse DLL file to exploit this vulnerability to gain permissions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201503-0335",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "factorytalk services platform",
"scope": "lte",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "2.70.00"
},
{
"model": "factorytalk view studio",
"scope": "lte",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "8.00.00"
},
{
"model": "factorytalk services platform",
"scope": "lt",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "2.71.00"
},
{
"model": "factorytalk view studio",
"scope": "lte",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "8.00.00"
},
{
"model": "automation factorytalk services platform",
"scope": "lt",
"trust": 0.6,
"vendor": "rockwell",
"version": "2.71.00"
},
{
"model": "automation factorytalk view studio",
"scope": "lte",
"trust": 0.6,
"vendor": "rockwell",
"version": "\u003c=8.00.00"
},
{
"model": "factorytalk services platform",
"scope": "eq",
"trust": 0.6,
"vendor": "rockwellautomation",
"version": "2.70.00"
},
{
"model": "factorytalk view studio",
"scope": "eq",
"trust": 0.6,
"vendor": "rockwellautomation",
"version": "8.00.00"
},
{
"model": "automation factorytalk view studio",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "8.00.00"
},
{
"model": "automation factorytalk services platform",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "0"
},
{
"model": "automation factorytalk services platform",
"scope": "ne",
"trust": 0.3,
"vendor": "rockwell",
"version": "2.71.00"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "factorytalk services platform",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "factorytalk view studio",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "99eb7bca-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02027"
},
{
"db": "BID",
"id": "73247"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008004"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-437"
},
{
"db": "NVD",
"id": "CVE-2014-9209"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:rockwellautomation:factorytalk_services_platform",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:rockwellautomation:factorytalk_view_studio",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-008004"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ivan Sanchez of NullCode, and Evilcode Team.",
"sources": [
{
"db": "BID",
"id": "73247"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-437"
}
],
"trust": 0.9
},
"cve": "CVE-2014-9209",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CVE-2014-9209",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2015-02027",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "99eb7bca-2351-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "VHN-77154",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-9209",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-9209",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-02027",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201503-437",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "99eb7bca-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-77154",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "99eb7bca-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02027"
},
{
"db": "VULHUB",
"id": "VHN-77154"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008004"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-437"
},
{
"db": "NVD",
"id": "CVE-2014-9209"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Untrusted search path vulnerability in the Clean Utility application in Rockwell Automation FactoryTalk Services Platform before 2.71.00 and FactoryTalk View Studio 8.00.00 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. Supplementary information : CWE Vulnerability type by CWE-426: Untrusted Search Path ( Unreliable search path ) Has been identified. http://cwe.mitre.org/data/definitions/426.htmlLocal users can detect Trojans in unspecified directories DLL You may get permission through. The FactoryTalk Services Platform provides routine services (such as diagnostics, health monitoring services, and real-time data access) for products and applications in the FactoryTalk system. FactoryTalk View Studio is a configuration software for developing or testing machine-level or monitoring management-level Human Machine Interface (HMI) applications. Multiple native code execution vulnerabilities exist in multiple Rockwell Automation product DLL loads. An attacker can exploit arbitrary exploits and system privileges to execute arbitrary code. Failed attempts may lead to denial-of-service conditions. \nThe following products are affected:\nFactoryTalk Services Platform prior to 2.71.00\nFactoryTalk View Studio versions 8.00.00 and prior. A local attacker can use the Trojan horse DLL file to exploit this vulnerability to gain permissions",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-9209"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008004"
},
{
"db": "CNVD",
"id": "CNVD-2015-02027"
},
{
"db": "BID",
"id": "73247"
},
{
"db": "IVD",
"id": "99eb7bca-2351-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-77154"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-9209",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-15-062-02",
"trust": 2.8
},
{
"db": "BID",
"id": "73247",
"trust": 1.6
},
{
"db": "CNNVD",
"id": "CNNVD-201503-437",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2015-02027",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008004",
"trust": 0.8
},
{
"db": "IVD",
"id": "99EB7BCA-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-77154",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "99eb7bca-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02027"
},
{
"db": "VULHUB",
"id": "VHN-77154"
},
{
"db": "BID",
"id": "73247"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008004"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-437"
},
{
"db": "NVD",
"id": "CVE-2014-9209"
}
]
},
"id": "VAR-201503-0335",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "99eb7bca-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02027"
},
{
"db": "VULHUB",
"id": "VHN-77154"
}
],
"trust": 1.4358871
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "99eb7bca-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02027"
}
]
},
"last_update_date": "2024-11-23T22:38:53.021000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Rockwell Software",
"trust": 0.8,
"url": "http://www.rockwellautomation.com/rockwellsoftware/overview.page?"
},
{
"title": "Multiple Rockwell Automation product DLLs load patches with multiple native code execution vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/56682"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-02027"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008004"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-008004"
},
{
"db": "NVD",
"id": "CVE-2014-9209"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-062-02"
},
{
"trust": 1.7,
"url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/646323"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/73247"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9209"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-9209"
},
{
"trust": 0.3,
"url": "http://www.rockwellautomation.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-02027"
},
{
"db": "VULHUB",
"id": "VHN-77154"
},
{
"db": "BID",
"id": "73247"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008004"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-437"
},
{
"db": "NVD",
"id": "CVE-2014-9209"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "99eb7bca-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02027"
},
{
"db": "VULHUB",
"id": "VHN-77154"
},
{
"db": "BID",
"id": "73247"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008004"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-437"
},
{
"db": "NVD",
"id": "CVE-2014-9209"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-28T00:00:00",
"db": "IVD",
"id": "99eb7bca-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2015-03-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-02027"
},
{
"date": "2015-03-31T00:00:00",
"db": "VULHUB",
"id": "VHN-77154"
},
{
"date": "2015-03-20T00:00:00",
"db": "BID",
"id": "73247"
},
{
"date": "2015-04-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-008004"
},
{
"date": "2015-03-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201503-437"
},
{
"date": "2015-03-31T01:59:19.783000",
"db": "NVD",
"id": "CVE-2014-9209"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-02027"
},
{
"date": "2015-03-31T00:00:00",
"db": "VULHUB",
"id": "VHN-77154"
},
{
"date": "2015-03-20T00:00:00",
"db": "BID",
"id": "73247"
},
{
"date": "2015-04-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-008004"
},
{
"date": "2015-03-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201503-437"
},
{
"date": "2024-11-21T02:20:24.360000",
"db": "NVD",
"id": "CVE-2014-9209"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "73247"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-437"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Rockwell Automation FactoryTalk Services Platform and FactoryTalk View Studio of Clean Utility Application vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-008004"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input validation",
"sources": [
{
"db": "IVD",
"id": "99eb7bca-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-437"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…