Details of VAR-201704-1421

ID

VAR-201704-1421

CVE

CVE-2017-7574

TITLE

Schneider Electric SoMachine Basic and Modicon Vulnerabilities related to the use of hard-coded credentials

Trust: 0.8

sources: JVNDB: JVNDB-2017-003056

DESCRIPTION

Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices have a hardcoded-key vulnerability. The Project Protection feature is used to prevent unauthorized users from opening an XML protected project file, by prompting the user for a password. This XML file is AES-CBC encrypted; however, the key used for encryption (SoMachineBasicSoMachineBasicSoMa) cannot be changed. After decrypting the XML file with this key, the user password can be found in the decrypted data. After reading the user password, the project can be opened and modified with the Schneider product. Schneider Electric SoMachine Basic and Modicon Contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. The former is a programming and debugging interface for all components on the control platform; the latter is a programmable controller. An attacker could exploit the vulnerability to open and modify protected project files with Schneider's products. A remote attacker may leverage this issue to gain root access to the affected system

Trust: 2.79

sources: NVD: CVE-2017-7574 // JVNDB: JVNDB-2017-003056 // CNVD: CNVD-2017-05014 // BID: 97518 // IVD: baed19f0-f146-47b4-be70-37b627575985 // VULHUB: VHN-115777 // VULMON: CVE-2017-7574

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: baed19f0-f146-47b4-be70-37b627575985 // CNVD: CNVD-2017-05014

AFFECTED PRODUCTS

vendor:	schneider electric	model:	modicon tm221ce16r	scope:	eq	version:	1.3.3.3	Trust: 1.9
vendor:	schneider electric	model:	somachine	scope:	eq	version:	1.4	Trust: 1.6
vendor:	schneider electric	model:	modicon tm221ce16r	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	somachine	scope:	eq	version:	basic software	Trust: 0.8
vendor:	schneider	model:	electric modicon tm221ce16r	scope:	eq	version:	1.3.3.3	Trust: 0.6
vendor:	schneider	model:	electric somachine basic sp1	scope:	eq	version:	1.4	Trust: 0.6
vendor:	schneider electric	model:	somachine basic	scope:	eq	version:	1.5	Trust: 0.3
vendor:	schneider electric	model:	somachine basic sp1	scope:	eq	version:	1.4	Trust: 0.3
vendor:	schneider electric	model:	modicon m221	scope:	eq	version:	1.5.0.1	Trust: 0.3
vendor:	schneider electric	model:	modicon m221	scope:	eq	version:	1.5.0.0	Trust: 0.3
vendor:	modicon tm221ce16r	model:	-	scope:	eq	version:	1.3.3.3	Trust: 0.2
vendor:	somachine	model:	-	scope:	eq	version:	1.4	Trust: 0.2

sources: IVD: baed19f0-f146-47b4-be70-37b627575985 // CNVD: CNVD-2017-05014 // BID: 97518 // JVNDB: JVNDB-2017-003056 // CNNVD: CNNVD-201704-273 // NVD: CVE-2017-7574

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-7574
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2017-7574
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2017-05014
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201704-273
value:	CRITICAL
Trust: 0.6
IVD:	baed19f0-f146-47b4-be70-37b627575985
value:	HIGH
Trust: 0.2
VULHUB:	VHN-115777
value:	HIGH
Trust: 0.1
VULMON:	CVE-2017-7574
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2017-7574
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2017-05014
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	baed19f0-f146-47b4-be70-37b627575985
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-115777
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-7574
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2017-7574
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: IVD: baed19f0-f146-47b4-be70-37b627575985 // CNVD: CNVD-2017-05014 // VULHUB: VHN-115777 // VULMON: CVE-2017-7574 // JVNDB: JVNDB-2017-003056 // CNNVD: CNNVD-201704-273 // NVD: CVE-2017-7574

PROBLEMTYPE DATA

problemtype:

CWE-798

Trust: 1.9

sources: VULHUB: VHN-115777 // JVNDB: JVNDB-2017-003056 // NVD: CVE-2017-7574

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201704-273

TYPE

trust management problem

Trust: 0.6

sources: CNNVD: CNNVD-201704-273

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-003056

PATCH

title:

SEVD-2017-097-01

url:

http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2017-097-01

Trust: 0.8

sources: JVNDB: JVNDB-2017-003056

EXTERNAL IDS

db:	NVD	id:	CVE-2017-7574	Trust: 3.7
db:	BID	id:	97518	Trust: 3.5
db:	SCHNEIDER	id:	SEVD-2017-097-01	Trust: 1.8
db:	ICS CERT	id:	ICSA-17-103-02	Trust: 1.1
db:	CNNVD	id:	CNNVD-201704-273	Trust: 0.9
db:	CNVD	id:	CNVD-2017-05014	Trust: 0.8
db:	JVNDB	id:	JVNDB-2017-003056	Trust: 0.8
db:	IVD	id:	BAED19F0-F146-47B4-BE70-37B627575985	Trust: 0.2
db:	VULHUB	id:	VHN-115777	Trust: 0.1
db:	ICS CERT	id:	ICSA-17-103-02A	Trust: 0.1
db:	VULMON	id:	CVE-2017-7574	Trust: 0.1

sources: IVD: baed19f0-f146-47b4-be70-37b627575985 // CNVD: CNVD-2017-05014 // VULHUB: VHN-115777 // VULMON: CVE-2017-7574 // BID: 97518 // JVNDB: JVNDB-2017-003056 // CNNVD: CNNVD-201704-273 // NVD: CVE-2017-7574

REFERENCES

url:	https://os-s.net/advisories/oss-2017-02.pdf	Trust: 2.7
url:	http://www.securityfocus.com/bid/97518	Trust: 1.9
url:	http://download.schneider-electric.com/files?p_doc_ref=sevd-2017-097-01	Trust: 1.8
url:	https://ics-cert.us-cert.gov/advisories/icsa-17-103-02	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7574	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7574	Trust: 0.8
url:	http://www.securityfocus.com/bid/97518/info	Trust: 0.8
url:	http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/798.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://ics-cert.us-cert.gov/advisories/icsa-17-103-02a	Trust: 0.1

sources: CNVD: CNVD-2017-05014 // VULHUB: VHN-115777 // VULMON: CVE-2017-7574 // BID: 97518 // JVNDB: JVNDB-2017-003056 // CNNVD: CNNVD-201704-273 // NVD: CVE-2017-7574

CREDITS

Simon Heming, Maik Brüggemann, Hendrik Schwartke, Ralf Spenneberg.

Trust: 0.3

sources: BID: 97518

SOURCES

db:	IVD	id:	baed19f0-f146-47b4-be70-37b627575985
db:	CNVD	id:	CNVD-2017-05014
db:	VULHUB	id:	VHN-115777
db:	VULMON	id:	CVE-2017-7574
db:	BID	id:	97518
db:	JVNDB	id:	JVNDB-2017-003056
db:	CNNVD	id:	CNNVD-201704-273
db:	NVD	id:	CVE-2017-7574

LAST UPDATE DATE

2024-11-23T22:01:10.532000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-05014	date:	2017-04-22T00:00:00
db:	VULHUB	id:	VHN-115777	date:	2017-04-15T00:00:00
db:	VULMON	id:	CVE-2017-7574	date:	2021-08-23T00:00:00
db:	BID	id:	97518	date:	2017-04-18T01:06:00
db:	JVNDB	id:	JVNDB-2017-003056	date:	2017-05-12T00:00:00
db:	CNNVD	id:	CNNVD-201704-273	date:	2021-08-24T00:00:00
db:	NVD	id:	CVE-2017-7574	date:	2024-11-21T03:32:11.727

SOURCES RELEASE DATE

db:	IVD	id:	baed19f0-f146-47b4-be70-37b627575985	date:	2017-04-22T00:00:00
db:	CNVD	id:	CNVD-2017-05014	date:	2017-04-22T00:00:00
db:	VULHUB	id:	VHN-115777	date:	2017-04-06T00:00:00
db:	VULMON	id:	CVE-2017-7574	date:	2017-04-06T00:00:00
db:	BID	id:	97518	date:	2017-04-06T00:00:00
db:	JVNDB	id:	JVNDB-2017-003056	date:	2017-05-12T00:00:00
db:	CNNVD	id:	CNNVD-201704-273	date:	2017-04-11T00:00:00
db:	NVD	id:	CVE-2017-7574	date:	2017-04-06T21:59:00.307