Details of VAR-201512-0029

ID

VAR-201512-0029

CVE

CVE-2015-7937

TITLE

Schneider Electric Modicon M340 PLC BMXNOx and BMXPx Device stack-based buffer overflow vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2015-006488

DESCRIPTION

Stack-based buffer overflow in the GoAhead Web Server on Schneider Electric Modicon M340 PLC BMXNOx and BMXPx devices allows remote attackers to execute arbitrary code via a long password in HTTP Basic Authentication data. Schneider Electric Modicon M340 PLC BMXNOx and BMXPx are programmable controller products from Schneider Electric, France. GoAhead Web Server is one of the embedded web servers. Schneider Electric Modicon M340 is prone to an unspecified stack-based buffer-overflow vulnerability. Failed exploit attempts may crash the application, denying service to legitimate users

Trust: 2.7

sources: NVD: CVE-2015-7937 // JVNDB: JVNDB-2015-006488 // CNVD: CNVD-2015-08446 // BID: 79622 // IVD: 6d82e7a8-2351-11e6-abef-000c29c66e3d // VULHUB: VHN-85898

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: 6d82e7a8-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2015-08446

AFFECTED PRODUCTS

vendor:	schneider electric	model:	bmxnoe0110	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	bmxnoe0100	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	bmxnor0200h	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	bmxnoc0401	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	bmxnoe0100h	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	bmxnor0200	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	bmxnoe0110h	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	modicon m340 bmxp342020h	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	modicon m340 bmxp342030	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	modicon m340 bmxp342020	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	modicon m340 bmxp3420302h	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	bmxpra0100	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	modicon m340 bmxp3420302	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	bmxnoc0401	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	bmxnoe0100	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	bmxnoe0100h	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	bmxnoe0110	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	bmxnoe0110h	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	bmxnor0200	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	bmxnor0200h	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	bmxp342020	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	bmxp342020h	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	bmxp342030	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	bmxp3420302	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	bmxp3420302h	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	bmxpra0100	scope:	-	version:	-	Trust: 0.8
vendor:	schneider	model:	electric modicon m340	scope:	-	version:	-	Trust: 0.6
vendor:	schneider electric	model:	bmxp342020h	scope:	eq	version:	-	Trust: 0.6
vendor:	schneider electric	model:	bmxp342030	scope:	eq	version:	-	Trust: 0.6
vendor:	schneider electric	model:	bmxp342020	scope:	eq	version:	-	Trust: 0.6
vendor:	schneider electric	model:	modicon m340 bmxpra0100	scope:	-	version:	-	Trust: 0.3
vendor:	schneider electric	model:	modicon m340 bmxp3420302h	scope:	-	version:	-	Trust: 0.3
vendor:	schneider electric	model:	modicon m340 bmxp3420302	scope:	-	version:	-	Trust: 0.3
vendor:	schneider electric	model:	modicon m340 bmxp342030	scope:	-	version:	-	Trust: 0.3
vendor:	schneider electric	model:	modicon m340 bmxp342020h	scope:	-	version:	-	Trust: 0.3
vendor:	schneider electric	model:	modicon m340 bmxp342020	scope:	-	version:	-	Trust: 0.3
vendor:	schneider electric	model:	modicon m340 bmxnor0200h	scope:	-	version:	-	Trust: 0.3
vendor:	schneider electric	model:	modicon m340 bmxnor0200	scope:	-	version:	-	Trust: 0.3
vendor:	schneider electric	model:	modicon m340 bmxnoe0110h	scope:	-	version:	-	Trust: 0.3
vendor:	schneider electric	model:	modicon m340 bmxnoe0110	scope:	-	version:	-	Trust: 0.3
vendor:	schneider electric	model:	modicon m340 bmxnoe0100h	scope:	-	version:	-	Trust: 0.3
vendor:	schneider electric	model:	modicon m340 bmxnoe0100	scope:	-	version:	-	Trust: 0.3
vendor:	schneider electric	model:	modicon m340 bmxnoc0401	scope:	-	version:	-	Trust: 0.3
vendor:	bmxnoc0401	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxnoe0100	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxnoe0100h	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxnoe0110	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxnoe0110h	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxnor0200	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxnor0200h	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxp342020	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxp342020h	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxp342030	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxp3420302	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxp3420302h	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxpra0100	model:	-	scope:	eq	version:	-	Trust: 0.2

sources: IVD: 6d82e7a8-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2015-08446 // BID: 79622 // JVNDB: JVNDB-2015-006488 // CNNVD: CNNVD-201512-542 // NVD: CVE-2015-7937

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-7937
value:	HIGH
Trust: 1.0
NVD:	CVE-2015-7937
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2015-08446
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201512-542
value:	CRITICAL
Trust: 0.6
IVD:	6d82e7a8-2351-11e6-abef-000c29c66e3d
value:	CRITICAL
Trust: 0.2
VULHUB:	VHN-85898
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2015-7937
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2015-08446
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	6d82e7a8-2351-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-85898
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: IVD: 6d82e7a8-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2015-08446 // VULHUB: VHN-85898 // JVNDB: JVNDB-2015-006488 // CNNVD: CNNVD-201512-542 // NVD: CVE-2015-7937

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-85898 // JVNDB: JVNDB-2015-006488 // NVD: CVE-2015-7937

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201512-542

TYPE

Buffer overflow

Trust: 0.8

sources: IVD: 6d82e7a8-2351-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201512-542

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-006488

PATCH

title:	SEVD-2015-344-01	url:	http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-344-01	Trust: 0.8
title:	Schneider Electric Modicon M340 PLC BMXNOx and BMXPx Stack Buffer Overflow Vulnerability Patch	url:	https://www.cnvd.org.cn/patchInfo/show/68892	Trust: 0.6
title:	Schneider Electric Modicon M340 PLC BMXNOx and BMXPx Fixes for stack-based buffer overflow vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59311	Trust: 0.6

sources: CNVD: CNVD-2015-08446 // JVNDB: JVNDB-2015-006488 // CNNVD: CNNVD-201512-542

EXTERNAL IDS

db:	NVD	id:	CVE-2015-7937	Trust: 3.6
db:	ICS CERT	id:	ICSA-15-351-01	Trust: 3.4
db:	BID	id:	79622	Trust: 2.6
db:	SCHNEIDER	id:	SEVD-2015-344-01	Trust: 1.7
db:	CNNVD	id:	CNNVD-201512-542	Trust: 0.9
db:	CNVD	id:	CNVD-2015-08446	Trust: 0.8
db:	JVNDB	id:	JVNDB-2015-006488	Trust: 0.8
db:	IVD	id:	6D82E7A8-2351-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	VULHUB	id:	VHN-85898	Trust: 0.1

sources: IVD: 6d82e7a8-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2015-08446 // VULHUB: VHN-85898 // BID: 79622 // JVNDB: JVNDB-2015-006488 // CNNVD: CNNVD-201512-542 // NVD: CVE-2015-7937

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-15-351-01	Trust: 3.4
url:	http://www.securityfocus.com/bid/79622	Trust: 2.3
url:	http://download.schneider-electric.com/files?p_doc_ref=sevd-2015-344-01	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7937	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7937	Trust: 0.8
url:	http://www.schneider-electric.com/en/all-products	Trust: 0.3

sources: CNVD: CNVD-2015-08446 // VULHUB: VHN-85898 // BID: 79622 // JVNDB: JVNDB-2015-006488 // CNNVD: CNNVD-201512-542 // NVD: CVE-2015-7937

CREDITS

Nir Giller

Trust: 0.9

sources: BID: 79622 // CNNVD: CNNVD-201512-542

SOURCES

db:	IVD	id:	6d82e7a8-2351-11e6-abef-000c29c66e3d
db:	CNVD	id:	CNVD-2015-08446
db:	VULHUB	id:	VHN-85898
db:	BID	id:	79622
db:	JVNDB	id:	JVNDB-2015-006488
db:	CNNVD	id:	CNNVD-201512-542
db:	NVD	id:	CVE-2015-7937

LAST UPDATE DATE

2024-11-23T22:01:39.956000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2015-08446	date:	2015-12-24T00:00:00
db:	VULHUB	id:	VHN-85898	date:	2016-11-28T00:00:00
db:	BID	id:	79622	date:	2015-12-17T00:00:00
db:	JVNDB	id:	JVNDB-2015-006488	date:	2015-12-22T00:00:00
db:	CNNVD	id:	CNNVD-201512-542	date:	2015-12-22T00:00:00
db:	NVD	id:	CVE-2015-7937	date:	2024-11-21T02:37:41.870

SOURCES RELEASE DATE

db:	IVD	id:	6d82e7a8-2351-11e6-abef-000c29c66e3d	date:	2015-12-24T00:00:00
db:	CNVD	id:	CNVD-2015-08446	date:	2015-12-24T00:00:00
db:	VULHUB	id:	VHN-85898	date:	2015-12-21T00:00:00
db:	BID	id:	79622	date:	2015-12-17T00:00:00
db:	JVNDB	id:	JVNDB-2015-006488	date:	2015-12-22T00:00:00
db:	CNNVD	id:	CNNVD-201512-542	date:	2015-12-21T00:00:00
db:	NVD	id:	CVE-2015-7937	date:	2015-12-21T11:59:12.097