ID

VAR-201305-0387


TITLE

Siemens Solid Edge WebPartHelper ActiveX Remote code execution vulnerability

Trust: 1.7

sources: IVD: 013fbb94-1f22-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-06292 // BID: 60158 // CNNVD: CNNVD-201305-588

DESCRIPTION

The Siemens Solid Edge SEListCtrlX ActiveX control \"SetItemReadOnly()\" method has an error that allows an attacker to build a malicious WEB page, convincing the user to parse, and can write certain values to any memory address, causing the application to crash or execute arbitrary code. Siemens Solid Edge is a 3D CAD parametric feature solid modeling software from Siemens (Germany). Provides modeling, assembly design, sketching, simulation, and additional application tools. A memory corruption vulnerability exists in the Siemens Solid Edge SEListCtrlX ActiveX control, which is caused by the program not performing sufficient boundary checks on user-submitted data. An attacker could use this vulnerability to execute arbitrary code in the context of an application (typically IE browser) using ActiveX controls, or it could cause a denial of service. Failed exploit attempts will likely result in denial-of-service conditions

Trust: 3.06

sources: CNVD: CNVD-2013-06292 // CNVD: CNVD-2013-06291 // CNNVD: CNNVD-201305-588 // CNNVD: CNNVD-201305-586 // BID: 60158 // BID: 60161 // IVD: 013fbb94-1f22-11e6-abef-000c29c66e3d // IVD: 02f1f84e-1f22-11e6-abef-000c29c66e3d

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 1.6

sources: IVD: 013fbb94-1f22-11e6-abef-000c29c66e3d // IVD: 02f1f84e-1f22-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-06292 // CNVD: CNVD-2013-06291

AFFECTED PRODUCTS

vendor:siemensmodel:selistctrlx activex controlscope:eqversion:105.x

Trust: 1.6

vendor:siemensmodel:webparthelper activex controlscope:eqversion:105.x

Trust: 1.2

vendor:siemensmodel:solid edge st5scope:eqversion:105.x

Trust: 1.2

vendor:siemensmodel:webparthelper activex controlscope:eqversion:105.x*

Trust: 0.4

vendor:siemensmodel:solid edge st5scope:eqversion:105.x*

Trust: 0.4

vendor:siemensmodel:solid edgescope:eqversion:0

Trust: 0.3

sources: IVD: 013fbb94-1f22-11e6-abef-000c29c66e3d // IVD: 02f1f84e-1f22-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-06292 // CNVD: CNVD-2013-06291 // BID: 60158

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2013-06292
value: HIGH

Trust: 0.6

CNVD: CNVD-2013-06291
value: HIGH

Trust: 0.6

IVD: 013fbb94-1f22-11e6-abef-000c29c66e3d
value: HIGH

Trust: 0.2

IVD: 02f1f84e-1f22-11e6-abef-000c29c66e3d
value: HIGH

Trust: 0.2

CNVD: CNVD-2013-06292
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

CNVD: CNVD-2013-06291
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 013fbb94-1f22-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 02f1f84e-1f22-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

sources: IVD: 013fbb94-1f22-11e6-abef-000c29c66e3d // IVD: 02f1f84e-1f22-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-06292 // CNVD: CNVD-2013-06291

THREAT TYPE

remote

Trust: 1.2

sources: CNNVD: CNNVD-201305-588 // CNNVD: CNNVD-201305-586

TYPE

Design Error

Trust: 0.6

sources: BID: 60158 // BID: 60161

EXTERNAL IDS

db:BIDid:60158

Trust: 1.5

db:BIDid:60161

Trust: 1.5

db:SECUNIAid:53595

Trust: 1.2

db:CNVDid:CNVD-2013-06292

Trust: 0.8

db:CNVDid:CNVD-2013-06291

Trust: 0.8

db:CNNVDid:CNNVD-201305-588

Trust: 0.6

db:CNNVDid:CNNVD-201305-586

Trust: 0.6

db:IVDid:013FBB94-1F22-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:IVDid:02F1F84E-1F22-11E6-ABEF-000C29C66E3D

Trust: 0.2

sources: IVD: 013fbb94-1f22-11e6-abef-000c29c66e3d // IVD: 02f1f84e-1f22-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-06292 // CNVD: CNVD-2013-06291 // BID: 60158 // BID: 60161 // CNNVD: CNNVD-201305-588 // CNNVD: CNNVD-201305-586

REFERENCES

url:http://www.secunia.com/advisories/53595/

Trust: 1.2

url:http://retrogod.altervista.org/9sg_siemens_adv_i.htm

Trust: 0.6

url:http://retrogod.altervista.org/9sg_siemens_adv_ii.htm

Trust: 0.6

url:http://www.securityfocus.com/bid/60158

Trust: 0.6

url:http://www.securityfocus.com/bid/60161

Trust: 0.6

url:http://www.siemens.com/

Trust: 0.3

url:http://www.plm.automation.siemens.com/en_us/products/velocity/solidedge/

Trust: 0.3

url:http://subscriber.communications.siemens.com/

Trust: 0.3

sources: CNVD: CNVD-2013-06292 // CNVD: CNVD-2013-06291 // BID: 60158 // BID: 60161 // CNNVD: CNNVD-201305-588 // CNNVD: CNNVD-201305-586

CREDITS

rgod

Trust: 1.8

sources: BID: 60158 // BID: 60161 // CNNVD: CNNVD-201305-588 // CNNVD: CNNVD-201305-586

SOURCES

db:IVDid:013fbb94-1f22-11e6-abef-000c29c66e3d
db:IVDid:02f1f84e-1f22-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2013-06292
db:CNVDid:CNVD-2013-06291
db:BIDid:60158
db:BIDid:60161
db:CNNVDid:CNNVD-201305-588
db:CNNVDid:CNNVD-201305-586

LAST UPDATE DATE

2022-05-17T01:48:04.993000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2013-06292date:2013-06-03T00:00:00
db:CNVDid:CNVD-2013-06291date:2013-06-03T00:00:00
db:BIDid:60158date:2013-05-26T00:00:00
db:BIDid:60161date:2013-10-04T00:14:00
db:CNNVDid:CNNVD-201305-588date:2013-05-28T00:00:00
db:CNNVDid:CNNVD-201305-586date:2013-05-28T00:00:00

SOURCES RELEASE DATE

db:IVDid:013fbb94-1f22-11e6-abef-000c29c66e3ddate:2013-05-29T00:00:00
db:IVDid:02f1f84e-1f22-11e6-abef-000c29c66e3ddate:2013-05-29T00:00:00
db:CNVDid:CNVD-2013-06292date:2013-05-29T00:00:00
db:CNVDid:CNVD-2013-06291date:2013-05-29T00:00:00
db:BIDid:60158date:2013-05-26T00:00:00
db:BIDid:60161date:2013-05-26T00:00:00
db:CNNVDid:CNNVD-201305-588date:2013-05-28T00:00:00
db:CNNVDid:CNNVD-201305-586date:2013-05-28T00:00:00