VDE-2023-059
Vulnerability from csaf_pilzgmbhcokg - Published: 2023-12-05 07:06 - Updated: 2023-12-05 07:06
Summary
Pilz: Electron Vulnerabilities in PASvisu and PMI v8xx
Notes
Summary: The Builder and Viewer components of the product PASvisu are based on the 3rd-party-component Electron. Electron contains several other open-source components which are affected by vulnerabilities. The vulnerabilities may enable an attacker to gain full control over the system. The vulnerabilities can be exploited locally or over the network.
Impact: Displaying a specially crafted HTML page can lead to a heap buffer overflow or heap corruption. In a worst-case scenario, successful exploitation of the vulnerabilities can lead to execution of arbitrary code with the privileges of the user running the affected software. In the case of the PASvisu Builder, the vulnerability can only be exploited locally.
Remediation: Install the fixed product version as soon as it is available. Please visit the Pilz eShop (https://www.pilz.com/en-INT/eshop) to check for the fixed version.
Only use project files from trustworthy sources.
Protect project files against modification by unauthorized users.
Limit network access to legitimate connections by using a firewall or similar measures. Use password protection on the online project.
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
8.8 (High)
Vendor Fix
Install the fixed product version as soon as it is available. Please visit the Pilz eShop (https://www.pilz.com/en-INT/eshop) to check for the fixed version.
Only use project files from trustworthy sources.
Protect project files against modification by unauthorized users.
Limit network access to legitimate connections by using a firewall or similar measures. Use password protection on the online project.
Use after free in Site Isolation in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
8.8 (High)
Vendor Fix
Install the fixed product version as soon as it is available. Please visit the Pilz eShop (https://www.pilz.com/en-INT/eshop) to check for the fixed version.
Only use project files from trustworthy sources.
Protect project files against modification by unauthorized users.
Limit network access to legitimate connections by using a firewall or similar measures. Use password protection on the online project.
Acknowledgments
CERT@VDE
certvde.com
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "The Builder and Viewer components of the product PASvisu are based on the 3rd-party-component Electron. Electron contains several other open-source components which are affected by vulnerabilities. The vulnerabilities may enable an attacker to gain full control over the system. The vulnerabilities can be exploited locally or over the network.",
"title": "Summary"
},
{
"category": "description",
"text": "Displaying of a specially crafted HTML page can lead to heap buffer overflow or heap corruption. In a\u00a0worst-case scenario, a successful exploitation of the vulnerabilities can lead to execution of arbitrary\u00a0code using the privileges of the user running the affected software. In the case of the PASvisu\u00a0Builder, the vulnerability can only be exploited locally.",
"title": "Impact"
},
{
"category": "description",
"text": "Install the fixed product version as soon as it is available. Please visit the Pilz eShop(https://www.pilz.com/en-INT/eshop) to check for the fixed version.\nOnly use project files from trustworthy sources.\nProtect project files against modification by unauthorized users.\nLimit network access to legitimate connections by using a firewall or similar measures. Usepassword protection on the online project.",
"title": "Remediation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "security@pilz.com",
"name": "Pilz GmbH \u0026 Co. KG",
"namespace": "https://www.pilz.com"
},
"references": [
{
"category": "self",
"summary": "VDE-2023-059: Pilz: Electron Vulnerabilities in PASvisu and PMI v8xx - HTML",
"url": "https://certvde.com/en/advisories/VDE-2023-059/"
},
{
"category": "self",
"summary": "VDE-2023-059: Pilz: Electron Vulnerabilities in PASvisu and PMI v8xx - CSAF",
"url": "https://pilz.csaf-tp.certvde.com/.well-known/csaf/white/2023/vde-2023-059.json"
},
{
"category": "external",
"summary": "Vendor PSIRT",
"url": "https://www.pilz.com"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for Pilz GmbH \u0026 Co. KG",
"url": "https://certvde.com/en/advisories/vendor/pilz/"
}
],
"title": "Pilz: Electron Vulnerabilities in PASvisu and PMI v8xx",
"tracking": {
"aliases": [
"VDE-2023-059"
],
"current_release_date": "2023-12-05T07:06:00.000Z",
"generator": {
"date": "2025-04-30T13:57:22.468Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.24"
}
},
"id": "VDE-2023-059",
"initial_release_date": "2023-12-05T07:06:00.000Z",
"revision_history": [
{
"date": "2023-12-05T07:06:00.000Z",
"number": "1",
"summary": "Initial revision."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "PASvisu",
"product": {
"name": "PASvisu",
"product_id": "CSAFPID-11001"
}
},
{
"category": "product_name",
"name": "PMI v8xx",
"product": {
"name": "PMI v8xx",
"product_id": "CSAFPID-11002",
"product_identification_helper": {
"model_numbers": [
"266807",
"266812",
"266815"
]
}
}
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.14.1",
"product": {
"name": "Firmware \u003c1.14.1",
"product_id": "CSAFPID-21001"
}
},
{
"category": "product_version_range",
"name": "\u003c=2.0.33992",
"product": {
"name": "Firmware \u003c=2.0.33992",
"product_id": "CSAFPID-21002"
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "Pilz"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002"
],
"summary": "Affected products."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c1.14.1 installed on PASvisu",
"product_id": "CSAFPID-31001"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=2.0.33992 installed on PMI v8xx",
"product_id": "CSAFPID-31002"
},
"product_reference": "CSAFPID-21002",
"relates_to_product_reference": "CSAFPID-11002"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-5217",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Install the fixed product version as soon as it is available. Please visit the Pilz eShop(https://www.pilz.com/en-INT/eshop) to check for the fixed version.\nOnly use project files from trustworthy sources.\nProtect project files against modification by unauthorized users.\nLimit network access to legitimate connections by using a firewall or similar measures. Usepassword protection on the online project.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2023-5217"
},
{
"cve": "CVE-2023-5218",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "Use after free in Site Isolation in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Install the fixed product version as soon as it is available. Please visit the Pilz eShop(https://www.pilz.com/en-INT/eshop) to check for the fixed version.\nOnly use project files from trustworthy sources.\nProtect project files against modification by unauthorized users.\nLimit network access to legitimate connections by using a firewall or similar measures. Usepassword protection on the online project.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2023-5218"
}
]
}