var-201706-0459
Vulnerability from variot
A Violation of Secure Design Principles issue was discovered in Schneider Electric Modicon Modbus Protocol. The Modicon Modbus protocol has a session-related weakness making it susceptible to brute-force attacks. Modicon PLC is a programmable controller product for the dam, energy, food agriculture and other industries. Schneider Electric Modicon PLC has a multi-factor authentication bypass vulnerability. Once the session key is transmitted in clear text, the attacker can replay the request and add arbitrary commands, including starting and stopping the PLC, and downloading its ladder diagram. An attacker can exploit these issues to bypass the authentication mechanism and perform unauthorized actions. This may aid in further attacks. Attackers can exploit this vulnerability to implement brute force attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201706-0459",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "modbus",
"scope": "eq",
"trust": 1.6,
"vendor": "schneider electric",
"version": null
},
{
"model": "modbus",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "electric modicon plc",
"scope": null,
"trust": 0.6,
"vendor": "schneider",
"version": null
},
{
"model": "modicon modbus protocol",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "modbus",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "a2ad11b3-ca53-436e-80f3-47c4077e853c"
},
{
"db": "CNVD",
"id": "CNVD-2017-04917"
},
{
"db": "BID",
"id": "97562"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005264"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1003"
},
{
"db": "NVD",
"id": "CVE-2017-6032"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:schneider_electric:modbus_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005264"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Eran Goldstein of CRITIFENCE",
"sources": [
{
"db": "BID",
"id": "97562"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1003"
}
],
"trust": 0.9
},
"cve": "CVE-2017-6032",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-6032",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-04917",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "a2ad11b3-ca53-436e-80f3-47c4077e853c",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-114235",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2017-6032",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-6032",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-6032",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-04917",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201704-1003",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "a2ad11b3-ca53-436e-80f3-47c4077e853c",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-114235",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "a2ad11b3-ca53-436e-80f3-47c4077e853c"
},
{
"db": "CNVD",
"id": "CNVD-2017-04917"
},
{
"db": "VULHUB",
"id": "VHN-114235"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005264"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1003"
},
{
"db": "NVD",
"id": "CVE-2017-6032"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A Violation of Secure Design Principles issue was discovered in Schneider Electric Modicon Modbus Protocol. The Modicon Modbus protocol has a session-related weakness making it susceptible to brute-force attacks. Modicon PLC is a programmable controller product for the dam, energy, food agriculture and other industries. Schneider Electric Modicon PLC has a multi-factor authentication bypass vulnerability. Once the session key is transmitted in clear text, the attacker can replay the request and add arbitrary commands, including starting and stopping the PLC, and downloading its ladder diagram. \nAn attacker can exploit these issues to bypass the authentication mechanism and perform unauthorized actions. This may aid in further attacks. Attackers can exploit this vulnerability to implement brute force attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-6032"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005264"
},
{
"db": "CNVD",
"id": "CNVD-2017-04917"
},
{
"db": "BID",
"id": "97562"
},
{
"db": "IVD",
"id": "a2ad11b3-ca53-436e-80f3-47c4077e853c"
},
{
"db": "VULHUB",
"id": "VHN-114235"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-6032",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-101-01",
"trust": 2.8
},
{
"db": "BID",
"id": "97562",
"trust": 2.6
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1003",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-04917",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005264",
"trust": 0.8
},
{
"db": "IVD",
"id": "A2AD11B3-CA53-436E-80F3-47C4077E853C",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-114235",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "a2ad11b3-ca53-436e-80f3-47c4077e853c"
},
{
"db": "CNVD",
"id": "CNVD-2017-04917"
},
{
"db": "VULHUB",
"id": "VHN-114235"
},
{
"db": "BID",
"id": "97562"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005264"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1003"
},
{
"db": "NVD",
"id": "CVE-2017-6032"
}
]
},
"id": "VAR-201706-0459",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "a2ad11b3-ca53-436e-80f3-47c4077e853c"
},
{
"db": "CNVD",
"id": "CNVD-2017-04917"
},
{
"db": "VULHUB",
"id": "VHN-114235"
}
],
"trust": 1.9
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "a2ad11b3-ca53-436e-80f3-47c4077e853c"
},
{
"db": "CNVD",
"id": "CNVD-2017-04917"
}
]
},
"last_update_date": "2024-11-23T22:45:39.097000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SEVD-2017-065-01",
"trust": 0.8,
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2017-065-01"
},
{
"title": "Schneider Electric Modicon PLC Multi-Factor Authentication Bypass Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/92240"
},
{
"title": "Schneider Electric Modicon Modbus Protocol Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=70262"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-04917"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005264"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1003"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-358",
"trust": 1.9
},
{
"problemtype": "CWE-657",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-114235"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005264"
},
{
"db": "NVD",
"id": "CVE-2017-6032"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-101-01"
},
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/97562"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6032"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-6032"
},
{
"trust": 0.6,
"url": "http://securityaffairs.co/wordpress/57731/malware/clearenergy-ransomware-scada.html"
},
{
"trust": 0.3,
"url": "http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-04917"
},
{
"db": "VULHUB",
"id": "VHN-114235"
},
{
"db": "BID",
"id": "97562"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005264"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1003"
},
{
"db": "NVD",
"id": "CVE-2017-6032"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "a2ad11b3-ca53-436e-80f3-47c4077e853c"
},
{
"db": "CNVD",
"id": "CNVD-2017-04917"
},
{
"db": "VULHUB",
"id": "VHN-114235"
},
{
"db": "BID",
"id": "97562"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005264"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1003"
},
{
"db": "NVD",
"id": "CVE-2017-6032"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-21T00:00:00",
"db": "IVD",
"id": "a2ad11b3-ca53-436e-80f3-47c4077e853c"
},
{
"date": "2017-04-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-04917"
},
{
"date": "2017-06-30T00:00:00",
"db": "VULHUB",
"id": "VHN-114235"
},
{
"date": "2017-04-11T00:00:00",
"db": "BID",
"id": "97562"
},
{
"date": "2017-07-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005264"
},
{
"date": "2017-04-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-1003"
},
{
"date": "2017-06-30T03:29:00.423000",
"db": "NVD",
"id": "CVE-2017-6032"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-04917"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-114235"
},
{
"date": "2017-04-18T08:04:00",
"db": "BID",
"id": "97562"
},
{
"date": "2017-07-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005264"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-1003"
},
{
"date": "2024-11-21T03:28:56.660000",
"db": "NVD",
"id": "CVE-2017-6032"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-1003"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric Modicon PLC Multi-factor authentication bypass vulnerability",
"sources": [
{
"db": "IVD",
"id": "a2ad11b3-ca53-436e-80f3-47c4077e853c"
},
{
"db": "CNVD",
"id": "CNVD-2017-04917"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "security feature problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-1003"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…