ID

VAR-201605-0347


CVE

CVE-2016-4498


TITLE

Panasonic FPWIN Pro Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2016-002711

DESCRIPTION

Panasonic FPWIN Pro 5.x through 7.x before 7.130 accesses an uninitialized pointer, which allows local users to cause a denial of service or possibly have unspecified other impact via unknown vectors. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Panasonic FPWIN Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within processing of a project file. A specially-crafted project file will lead to execution outside of normal paths due to an uninitialized pointer dereference. An attacker can leverage this vulnerability to attain code execution under the context of the current process. Panasonic FPWIN Pro is a set of programming software for all FP series PLCs (Programmable Logic Controllers) from Panasonic Corporation of Japan. Panasonic FPWIN Pro is prone to a local denial-of-service vulnerability. Failed attacks will cause denial-of-service conditions

Trust: 3.24

sources: NVD: CVE-2016-4498 // JVNDB: JVNDB-2016-002711 // ZDI: ZDI-16-332 // CNVD: CNVD-2016-03214 // BID: 90521 // IVD: 55650ad4-2351-11e6-abef-000c29c66e3d

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 55650ad4-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2016-03214

AFFECTED PRODUCTS

vendor:panasonicmodel:fpwin proscope:eqversion: -

Trust: 1.6

vendor:panasonicmodel:fpwin proscope:ltversion:7.x

Trust: 0.8

vendor:panasonicmodel:fpwin proscope:eqversion:5.x from 7.130

Trust: 0.8

vendor:panasonicmodel:fpwin proscope: - version: -

Trust: 0.7

vendor:panasonicmodel:fpwin proscope:eqversion:5.x

Trust: 0.6

vendor:panasonicmodel:fpwin proscope:eqversion:6.x

Trust: 0.6

vendor:panasonicmodel:fpwin proscope:lteversion:<=7.122

Trust: 0.6

vendor:fpwin promodel: - scope:eqversion: -

Trust: 0.2

sources: IVD: 55650ad4-2351-11e6-abef-000c29c66e3d // ZDI: ZDI-16-332 // CNVD: CNVD-2016-03214 // JVNDB: JVNDB-2016-002711 // CNNVD: CNNVD-201605-199 // NVD: CVE-2016-4498

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-4498
value: MEDIUM

Trust: 1.0

NVD: CVE-2016-4498
value: MEDIUM

Trust: 0.8

ZDI: CVE-2016-4498
value: MEDIUM

Trust: 0.7

CNVD: CNVD-2016-03214
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201605-199
value: MEDIUM

Trust: 0.6

IVD: 55650ad4-2351-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

nvd@nist.gov: CVE-2016-4498
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

ZDI: CVE-2016-4498
severity: MEDIUM
baseScore: 4.4
vectorString: AV:L/AC:M/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.4
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.7

CNVD: CNVD-2016-03214
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 55650ad4-2351-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

nvd@nist.gov: CVE-2016-4498
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: LOW
exploitabilityScore: 2.1
impactScore: 3.4
version: 3.0

Trust: 1.8

sources: IVD: 55650ad4-2351-11e6-abef-000c29c66e3d // ZDI: ZDI-16-332 // CNVD: CNVD-2016-03214 // JVNDB: JVNDB-2016-002711 // CNNVD: CNNVD-201605-199 // NVD: CVE-2016-4498

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.8

sources: JVNDB: JVNDB-2016-002711 // NVD: CVE-2016-4498

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201605-199

TYPE

Input validation

Trust: 0.8

sources: IVD: 55650ad4-2351-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201605-199

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-002711

PATCH

title:FPWIN Prourl:https://www.panasonic-electric-works.com/eu/plc-software-control-fpwin-pro.htm

Trust: 0.8

title:Panasonic has issued an update to correct this vulnerability.url:https://ics-cert.us-cert.gov/advisories/ICSA-16-131-01

Trust: 0.7

title:Patch for Panasonic FPWIN Pro Buffer Overflow Vulnerability (CNVD-2016-03214)url:https://www.cnvd.org.cn/patchInfo/show/75925

Trust: 0.6

title:Panasonic FPWIN Pro Buffer Overflow Vulnerability Fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=61517

Trust: 0.6

sources: ZDI: ZDI-16-332 // CNVD: CNVD-2016-03214 // JVNDB: JVNDB-2016-002711 // CNNVD: CNNVD-201605-199

EXTERNAL IDS

db:NVDid:CVE-2016-4498

Trust: 4.2

db:ICS CERTid:ICSA-16-131-01

Trust: 3.0

db:ZDIid:ZDI-16-332

Trust: 2.3

db:BIDid:90521

Trust: 1.3

db:CNVDid:CNVD-2016-03214

Trust: 0.8

db:CNNVDid:CNNVD-201605-199

Trust: 0.8

db:JVNDBid:JVNDB-2016-002711

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-3456

Trust: 0.7

db:IVDid:55650AD4-2351-11E6-ABEF-000C29C66E3D

Trust: 0.2

sources: IVD: 55650ad4-2351-11e6-abef-000c29c66e3d // ZDI: ZDI-16-332 // CNVD: CNVD-2016-03214 // BID: 90521 // JVNDB: JVNDB-2016-002711 // CNNVD: CNNVD-201605-199 // NVD: CVE-2016-4498

REFERENCES

url:https://ics-cert.us-cert.gov/advisories/icsa-16-131-01

Trust: 3.7

url:http://zerodayinitiative.com/advisories/zdi-16-332/

Trust: 1.6

url:http://www.securityfocus.com/bid/90521

Trust: 1.0

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4498

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4498

Trust: 0.8

url:http://panasonic.com/

Trust: 0.3

sources: ZDI: ZDI-16-332 // CNVD: CNVD-2016-03214 // BID: 90521 // JVNDB: JVNDB-2016-002711 // CNNVD: CNNVD-201605-199 // NVD: CVE-2016-4498

CREDITS

Steven Seeley of Source Incite

Trust: 0.7

sources: ZDI: ZDI-16-332

SOURCES

db:IVDid:55650ad4-2351-11e6-abef-000c29c66e3d
db:ZDIid:ZDI-16-332
db:CNVDid:CNVD-2016-03214
db:BIDid:90521
db:JVNDBid:JVNDB-2016-002711
db:CNNVDid:CNNVD-201605-199
db:NVDid:CVE-2016-4498

LAST UPDATE DATE

2024-08-14T13:32:37.545000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-16-332date:2016-05-11T00:00:00
db:CNVDid:CNVD-2016-03214date:2016-05-17T00:00:00
db:BIDid:90521date:2016-07-06T14:40:00
db:JVNDBid:JVNDB-2016-002711date:2016-05-18T00:00:00
db:CNNVDid:CNNVD-201605-199date:2016-05-13T00:00:00
db:NVDid:CVE-2016-4498date:2016-11-28T20:18:26.773

SOURCES RELEASE DATE

db:IVDid:55650ad4-2351-11e6-abef-000c29c66e3ddate:2016-05-17T00:00:00
db:ZDIid:ZDI-16-332date:2016-05-11T00:00:00
db:CNVDid:CNVD-2016-03214date:2016-05-17T00:00:00
db:BIDid:90521date:2016-05-10T00:00:00
db:JVNDBid:JVNDB-2016-002711date:2016-05-18T00:00:00
db:CNNVDid:CNNVD-201605-199date:2016-05-11T00:00:00
db:NVDid:CVE-2016-4498date:2016-05-12T01:59:13.730