var-201609-0391
Vulnerability from variot
Unquoted Windows search path vulnerability in Moxa Active OPC Server before 2.4.19 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory. Supplementary information : CWE Vulnerability type by CWE-428: Unquoted Search Path or Element ( Unquoted search path or element ) Has been identified. http://cwe.mitre.org/data/definitions/428.htmlBy local users %SYSTEMDRIVE% Permission may be gained through a Trojan executable in the directory. Moxa Active OPC Server is an OPC driver package for operating HMI or SCADA systems. This may allow to gain elevated privileges
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201609-0391",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "active opc server",
"scope": "lt",
"trust": 1.4,
"vendor": "moxa",
"version": "2.4.19"
},
{
"model": "active opc server",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "2.4.18"
},
{
"model": "active opc server",
"scope": "eq",
"trust": 0.6,
"vendor": "moxa",
"version": "2.4.18"
},
{
"model": "active opc server",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "0"
},
{
"model": "active opc server",
"scope": "ne",
"trust": 0.3,
"vendor": "moxa",
"version": "2.4.19"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "active opc server",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "f436fcc6-328c-4129-a88e-dff60fd54ca1"
},
{
"db": "CNVD",
"id": "CNVD-2016-08231"
},
{
"db": "BID",
"id": "93046"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004902"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-525"
},
{
"db": "NVD",
"id": "CVE-2016-5793"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:moxa:active_opc_server",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004902"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Zhou Yu.",
"sources": [
{
"db": "BID",
"id": "93046"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-525"
}
],
"trust": 0.9
},
"cve": "CVE-2016-5793",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2016-5793",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2016-08231",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "f436fcc6-328c-4129-a88e-dff60fd54ca1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-94612",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.0,
"id": "CVE-2016-5793",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-5793",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-5793",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2016-08231",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201609-525",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "f436fcc6-328c-4129-a88e-dff60fd54ca1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-94612",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-5793",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "f436fcc6-328c-4129-a88e-dff60fd54ca1"
},
{
"db": "CNVD",
"id": "CNVD-2016-08231"
},
{
"db": "VULHUB",
"id": "VHN-94612"
},
{
"db": "VULMON",
"id": "CVE-2016-5793"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004902"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-525"
},
{
"db": "NVD",
"id": "CVE-2016-5793"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unquoted Windows search path vulnerability in Moxa Active OPC Server before 2.4.19 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory. Supplementary information : CWE Vulnerability type by CWE-428: Unquoted Search Path or Element ( Unquoted search path or element ) Has been identified. http://cwe.mitre.org/data/definitions/428.htmlBy local users %SYSTEMDRIVE% Permission may be gained through a Trojan executable in the directory. Moxa Active OPC Server is an OPC driver package for operating HMI or SCADA systems. This may allow to gain elevated privileges",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5793"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004902"
},
{
"db": "CNVD",
"id": "CNVD-2016-08231"
},
{
"db": "BID",
"id": "93046"
},
{
"db": "IVD",
"id": "f436fcc6-328c-4129-a88e-dff60fd54ca1"
},
{
"db": "VULHUB",
"id": "VHN-94612"
},
{
"db": "VULMON",
"id": "CVE-2016-5793"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-5793",
"trust": 3.7
},
{
"db": "ICS CERT",
"id": "ICSA-16-264-01",
"trust": 2.9
},
{
"db": "BID",
"id": "93046",
"trust": 2.7
},
{
"db": "CNNVD",
"id": "CNNVD-201609-525",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2016-08231",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004902",
"trust": 0.8
},
{
"db": "IVD",
"id": "F436FCC6-328C-4129-A88E-DFF60FD54CA1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-94612",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-5793",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "f436fcc6-328c-4129-a88e-dff60fd54ca1"
},
{
"db": "CNVD",
"id": "CNVD-2016-08231"
},
{
"db": "VULHUB",
"id": "VHN-94612"
},
{
"db": "VULMON",
"id": "CVE-2016-5793"
},
{
"db": "BID",
"id": "93046"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004902"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-525"
},
{
"db": "NVD",
"id": "CVE-2016-5793"
}
]
},
"id": "VAR-201609-0391",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "f436fcc6-328c-4129-a88e-dff60fd54ca1"
},
{
"db": "CNVD",
"id": "CNVD-2016-08231"
},
{
"db": "VULHUB",
"id": "VHN-94612"
}
],
"trust": 1.5
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "f436fcc6-328c-4129-a88e-dff60fd54ca1"
},
{
"db": "CNVD",
"id": "CNVD-2016-08231"
}
]
},
"last_update_date": "2024-11-23T22:56:21.319000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Active OPC Server",
"trust": 0.8,
"url": "http://www.moxa.com/product/automation_software_html.htm"
},
{
"title": "Moxa Active OPC Server Local Path Enumeration Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/81825"
},
{
"title": "Moxa Active OPC Server Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=64258"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-08231"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004902"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-525"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-428",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-94612"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004902"
},
{
"db": "NVD",
"id": "CVE-2016-5793"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-264-01"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/93046"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5793"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-5793"
},
{
"trust": 0.3,
"url": "http://www.moxa.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/428.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-08231"
},
{
"db": "VULHUB",
"id": "VHN-94612"
},
{
"db": "VULMON",
"id": "CVE-2016-5793"
},
{
"db": "BID",
"id": "93046"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004902"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-525"
},
{
"db": "NVD",
"id": "CVE-2016-5793"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "f436fcc6-328c-4129-a88e-dff60fd54ca1"
},
{
"db": "CNVD",
"id": "CNVD-2016-08231"
},
{
"db": "VULHUB",
"id": "VHN-94612"
},
{
"db": "VULMON",
"id": "CVE-2016-5793"
},
{
"db": "BID",
"id": "93046"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004902"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-525"
},
{
"db": "NVD",
"id": "CVE-2016-5793"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-28T00:00:00",
"db": "IVD",
"id": "f436fcc6-328c-4129-a88e-dff60fd54ca1"
},
{
"date": "2016-09-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-08231"
},
{
"date": "2016-09-24T00:00:00",
"db": "VULHUB",
"id": "VHN-94612"
},
{
"date": "2016-09-24T00:00:00",
"db": "VULMON",
"id": "CVE-2016-5793"
},
{
"date": "2016-09-20T00:00:00",
"db": "BID",
"id": "93046"
},
{
"date": "2016-09-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004902"
},
{
"date": "2016-09-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201609-525"
},
{
"date": "2016-09-24T10:59:02.603000",
"db": "NVD",
"id": "CVE-2016-5793"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-08231"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-94612"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULMON",
"id": "CVE-2016-5793"
},
{
"date": "2016-09-20T00:00:00",
"db": "BID",
"id": "93046"
},
{
"date": "2016-09-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004902"
},
{
"date": "2016-09-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201609-525"
},
{
"date": "2024-11-21T02:55:01.303000",
"db": "NVD",
"id": "CVE-2016-5793"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "93046"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-525"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Moxa Active OPC Server Local Path Enumeration Vulnerability",
"sources": [
{
"db": "IVD",
"id": "f436fcc6-328c-4129-a88e-dff60fd54ca1"
},
{
"db": "CNVD",
"id": "CNVD-2016-08231"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201609-525"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…