var-201705-3258
Vulnerability from variot
A Stack Buffer Overflow issue was discovered in VIPA Controls WinPLC7 5.0.45.5921 and prior. A stack-based buffer overflow vulnerability has been identified, where an attacker with a specially crafted packet could overflow the fixed length buffer. This could allow remote code execution. VIPA Controls WinPLC7 Contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of VIPA Automation WinPLC7. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of TCP packets. The software fails to validate the length field within the packet before copying it to a stack buffer. An attacker can leverage this vulnerability to execute code in the context of the process. WinPLC is a free set of applications for controlling the Velleman K8000 (Computer Interface Board). VIPA Controls WinPLC7 is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Successfully exploiting this issue allows remote attackers to crash the affected application, denying service to legitimate users. WinPLC7 5.0.45.5921 and prior versions are vulnerable
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "winplc7",
"scope": "lte",
"trust": 1.8,
"vendor": "vipa controls",
"version": "5.0.45.5921"
},
{
"_id": null,
"model": "automation winplc7",
"scope": null,
"trust": 0.7,
"vendor": "vipa",
"version": null
},
{
"_id": null,
"model": "controls winplc7",
"scope": "lte",
"trust": 0.6,
"vendor": "vipa",
"version": "\u003c=5.0.45.5921"
},
{
"_id": null,
"model": "winplc7",
"scope": "eq",
"trust": 0.6,
"vendor": "vipa controls",
"version": "5.0.45.5921"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "winplc7",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "c38d09e7-e6f9-42da-805a-ba2f1a8c2f6a"
},
{
"db": "ZDI",
"id": "ZDI-17-112"
},
{
"db": "CNVD",
"id": "CNVD-2017-02586"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004107"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-837"
},
{
"db": "NVD",
"id": "CVE-2017-5177"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:vipa_controls:winplc7_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-004107"
}
]
},
"credits": {
"_id": null,
"data": "Ariele Caltabiano (kimiya)",
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-112"
}
],
"trust": 0.7
},
"cve": "CVE-2017-5177",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-5177",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2017-5177",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-02586",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "c38d09e7-e6f9-42da-805a-ba2f1a8c2f6a",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-113380",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2017-5177",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-5177",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-5177",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2017-5177",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-02586",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201702-837",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "c38d09e7-e6f9-42da-805a-ba2f1a8c2f6a",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-113380",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "c38d09e7-e6f9-42da-805a-ba2f1a8c2f6a"
},
{
"db": "ZDI",
"id": "ZDI-17-112"
},
{
"db": "CNVD",
"id": "CNVD-2017-02586"
},
{
"db": "VULHUB",
"id": "VHN-113380"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004107"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-837"
},
{
"db": "NVD",
"id": "CVE-2017-5177"
}
]
},
"description": {
"_id": null,
"data": "A Stack Buffer Overflow issue was discovered in VIPA Controls WinPLC7 5.0.45.5921 and prior. A stack-based buffer overflow vulnerability has been identified, where an attacker with a specially crafted packet could overflow the fixed length buffer. This could allow remote code execution. VIPA Controls WinPLC7 Contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of VIPA Automation WinPLC7. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of TCP packets. The software fails to validate the length field within the packet before copying it to a stack buffer. An attacker can leverage this vulnerability to execute code in the context of the process. WinPLC is a free set of applications for controlling the Velleman K8000 (Computer Interface Board). VIPA Controls WinPLC7 is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. \nSuccessfully exploiting this issue allows remote attackers to crash the affected application, denying service to legitimate users. \nWinPLC7 5.0.45.5921 and prior versions are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5177"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004107"
},
{
"db": "ZDI",
"id": "ZDI-17-112"
},
{
"db": "CNVD",
"id": "CNVD-2017-02586"
},
{
"db": "BID",
"id": "96413"
},
{
"db": "IVD",
"id": "c38d09e7-e6f9-42da-805a-ba2f1a8c2f6a"
},
{
"db": "VULHUB",
"id": "VHN-113380"
}
],
"trust": 3.33
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-113380",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-113380"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2017-5177",
"trust": 4.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-054-01",
"trust": 3.1
},
{
"db": "BID",
"id": "96413",
"trust": 1.4
},
{
"db": "EXPLOIT-DB",
"id": "42693",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201702-837",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-02586",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004107",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3721",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-17-112",
"trust": 0.7
},
{
"db": "IVD",
"id": "C38D09E7-E6F9-42DA-805A-BA2F1A8C2F6A",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "144168",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-113380",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "c38d09e7-e6f9-42da-805a-ba2f1a8c2f6a"
},
{
"db": "ZDI",
"id": "ZDI-17-112"
},
{
"db": "CNVD",
"id": "CNVD-2017-02586"
},
{
"db": "VULHUB",
"id": "VHN-113380"
},
{
"db": "BID",
"id": "96413"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004107"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-837"
},
{
"db": "NVD",
"id": "CVE-2017-5177"
}
]
},
"id": "VAR-201705-3258",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "c38d09e7-e6f9-42da-805a-ba2f1a8c2f6a"
},
{
"db": "CNVD",
"id": "CNVD-2017-02586"
},
{
"db": "VULHUB",
"id": "VHN-113380"
}
],
"trust": 1.9
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "c38d09e7-e6f9-42da-805a-ba2f1a8c2f6a"
},
{
"db": "CNVD",
"id": "CNVD-2017-02586"
}
]
},
"last_update_date": "2024-11-23T22:01:10.069000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.vipa.com/home/"
},
{
"title": "VIPA has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-054-01"
},
{
"title": "Patch for WinPLC Stack Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/90359"
},
{
"title": "WinPLC Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=68092"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-112"
},
{
"db": "CNVD",
"id": "CNVD-2017-02586"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004107"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-837"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
},
{
"problemtype": "CWE-121",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-113380"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004107"
},
{
"db": "NVD",
"id": "CVE-2017-5177"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-054-01"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/96413"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/42693/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5177"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5177"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-112"
},
{
"db": "CNVD",
"id": "CNVD-2017-02586"
},
{
"db": "VULHUB",
"id": "VHN-113380"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004107"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-837"
},
{
"db": "NVD",
"id": "CVE-2017-5177"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "c38d09e7-e6f9-42da-805a-ba2f1a8c2f6a",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-17-112",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2017-02586",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-113380",
"ident": null
},
{
"db": "BID",
"id": "96413",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004107",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201702-837",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2017-5177",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2017-03-10T00:00:00",
"db": "IVD",
"id": "c38d09e7-e6f9-42da-805a-ba2f1a8c2f6a",
"ident": null
},
{
"date": "2017-02-28T00:00:00",
"db": "ZDI",
"id": "ZDI-17-112",
"ident": null
},
{
"date": "2017-03-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-02586",
"ident": null
},
{
"date": "2017-05-19T00:00:00",
"db": "VULHUB",
"id": "VHN-113380",
"ident": null
},
{
"date": "2017-02-23T00:00:00",
"db": "BID",
"id": "96413",
"ident": null
},
{
"date": "2017-06-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-004107",
"ident": null
},
{
"date": "2017-02-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201702-837",
"ident": null
},
{
"date": "2017-05-19T03:29:00.353000",
"db": "NVD",
"id": "CVE-2017-5177",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2017-02-28T00:00:00",
"db": "ZDI",
"id": "ZDI-17-112",
"ident": null
},
{
"date": "2017-03-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-02586",
"ident": null
},
{
"date": "2017-09-16T00:00:00",
"db": "VULHUB",
"id": "VHN-113380",
"ident": null
},
{
"date": "2017-03-07T03:09:00",
"db": "BID",
"id": "96413",
"ident": null
},
{
"date": "2017-06-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-004107",
"ident": null
},
{
"date": "2017-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201702-837",
"ident": null
},
{
"date": "2024-11-21T03:27:12.483000",
"db": "NVD",
"id": "CVE-2017-5177",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201702-837"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "VIPA Controls WinPLC7 Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-004107"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-837"
}
],
"trust": 1.4
},
"type": {
"_id": null,
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "c38d09e7-e6f9-42da-805a-ba2f1a8c2f6a"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-837"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…