var-202011-1293
Vulnerability from variot
A CWE-125 Out-of-bounds Read vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. Interactive Graphical SCADA System (IGSS) Is Schneider Electric Software for monitoring and controlling control systems provided by the company. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of CGF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "interactive graphical scada system",
"scope": "lte",
"trust": 1.0,
"vendor": "schneider electric",
"version": "14.0.0.20247"
},
{
"_id": null,
"model": "interactive graphical scada system",
"scope": "eq",
"trust": 0.8,
"vendor": "schneider electric",
"version": "version 14.0.0.20247"
},
{
"_id": null,
"model": "igss",
"scope": null,
"trust": 0.7,
"vendor": "schneider electric",
"version": null
},
{
"_id": null,
"model": "electric interactive graphical scada system",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider",
"version": "14.0.0.20247"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-096"
},
{
"db": "CNVD",
"id": "CNVD-2020-70522"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009593"
},
{
"db": "NVD",
"id": "CVE-2020-7557"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:schneider_electric:interactive_graphical_scada_system",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-009593"
}
]
},
"credits": {
"_id": null,
"data": "kimiya",
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-096"
}
],
"trust": 0.7
},
"cve": "CVE-2020-7557",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2020-7557",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2020-70522",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-185682",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "IPA score",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-009593",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 7.2,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2020-7557",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2020-7557",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "REQUIRED",
"vectorString": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "IPA",
"id": "JVNDB-2020-009593",
"trust": 7.2,
"value": "High"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2020-7557",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2020-7557",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2020-70522",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202011-1557",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-185682",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-096"
},
{
"db": "CNVD",
"id": "CNVD-2020-70522"
},
{
"db": "VULHUB",
"id": "VHN-185682"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009593"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009593"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009593"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009593"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009593"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009593"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009593"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009593"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009593"
},
{
"db": "CNNVD",
"id": "CNNVD-202011-1557"
},
{
"db": "NVD",
"id": "CVE-2020-7557"
}
]
},
"description": {
"_id": null,
"data": "A CWE-125 Out-of-bounds Read vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. Interactive Graphical SCADA System (IGSS) Is Schneider Electric Software for monitoring and controlling control systems provided by the company. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of CGF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-7557"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009593"
},
{
"db": "ZDI",
"id": "ZDI-21-096"
},
{
"db": "CNVD",
"id": "CNVD-2020-70522"
},
{
"db": "VULHUB",
"id": "VHN-185682"
}
],
"trust": 2.88
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2020-7557",
"trust": 3.8
},
{
"db": "ZDI",
"id": "ZDI-21-096",
"trust": 2.4
},
{
"db": "SCHNEIDER",
"id": "SEVD-2020-315-03",
"trust": 2.3
},
{
"db": "ICS CERT",
"id": "ICSA-20-324-04",
"trust": 1.4
},
{
"db": "JVN",
"id": "JVNVU99979220",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009593",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-11297",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202011-1557",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2020-70522",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4088",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-185682",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-096"
},
{
"db": "CNVD",
"id": "CNVD-2020-70522"
},
{
"db": "VULHUB",
"id": "VHN-185682"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009593"
},
{
"db": "CNNVD",
"id": "CNNVD-202011-1557"
},
{
"db": "NVD",
"id": "CVE-2020-7557"
}
]
},
"id": "VAR-202011-1293",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-70522"
},
{
"db": "VULHUB",
"id": "VHN-185682"
}
],
"trust": 1.6749999999999998
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-70522"
}
]
},
"last_update_date": "2024-11-23T21:35:03.799000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Security Notification - Interactive Graphical SCADA System (IGSS)",
"trust": 0.8,
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-03"
},
{
"title": "IGSS Licensed Versions",
"trust": 0.8,
"url": "https://igss.schneider-electric.com/licensed-versions"
},
{
"title": "Schneider Electric has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-03/"
},
{
"title": "Patch for Schneider Electric Interactive Graphical SCADA System buffer overflow vulnerability (CNVD-2020-70522)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/241732"
},
{
"title": "Schneider Electric Interactive Graphical SCADA System Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=135148"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-096"
},
{
"db": "CNVD",
"id": "CNVD-2020-70522"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009593"
},
{
"db": "CNNVD",
"id": "CNNVD-202011-1557"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-125",
"trust": 1.9
},
{
"problemtype": "CWE-119",
"trust": 0.8
},
{
"problemtype": "CWE-787",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-185682"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009593"
},
{
"db": "NVD",
"id": "CVE-2020-7557"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.0,
"url": "https://www.se.com/ww/en/download/document/sevd-2020-315-03/"
},
{
"trust": 1.7,
"url": "https://www.zerodayinitiative.com/advisories/zdi-21-096/"
},
{
"trust": 1.4,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-324-04"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7550"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7558"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7551"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7552"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7553"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7554"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7555"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7556"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7557"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu99979220"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-7557"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4088/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-096"
},
{
"db": "CNVD",
"id": "CNVD-2020-70522"
},
{
"db": "VULHUB",
"id": "VHN-185682"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009593"
},
{
"db": "CNNVD",
"id": "CNNVD-202011-1557"
},
{
"db": "NVD",
"id": "CVE-2020-7557"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "ZDI",
"id": "ZDI-21-096",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2020-70522",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-185682",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2020-009593",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-202011-1557",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2020-7557",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2021-01-29T00:00:00",
"db": "ZDI",
"id": "ZDI-21-096",
"ident": null
},
{
"date": "2020-11-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-70522",
"ident": null
},
{
"date": "2020-11-19T00:00:00",
"db": "VULHUB",
"id": "VHN-185682",
"ident": null
},
{
"date": "2020-11-19T08:46:47",
"db": "JVNDB",
"id": "JVNDB-2020-009593",
"ident": null
},
{
"date": "2020-11-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202011-1557",
"ident": null
},
{
"date": "2020-11-19T22:15:14.660000",
"db": "NVD",
"id": "CVE-2020-7557",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2021-01-29T00:00:00",
"db": "ZDI",
"id": "ZDI-21-096",
"ident": null
},
{
"date": "2020-12-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-70522",
"ident": null
},
{
"date": "2021-02-01T00:00:00",
"db": "VULHUB",
"id": "VHN-185682",
"ident": null
},
{
"date": "2020-11-19T08:46:47",
"db": "JVNDB",
"id": "JVNDB-2020-009593",
"ident": null
},
{
"date": "2021-02-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202011-1557",
"ident": null
},
{
"date": "2024-11-21T05:37:22.490000",
"db": "NVD",
"id": "CVE-2020-7557",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202011-1557"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Schneider Electric Made Interactive Graphical SCADA System Multiple vulnerabilities in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-009593"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202011-1557"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…