ID

VAR-201705-3538


CVE

CVE-2017-6025


TITLE

3S-Smart Software Solutions GmbH CODESYS Web Server Buffer error vulnerability

Trust: 1.4

sources: JVNDB: JVNDB-2017-004193 // CNNVD: CNNVD-201702-587

DESCRIPTION

A Stack Buffer Overflow issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A malicious user could overflow the stack buffer by providing overly long strings to functions that handle the XML. Because the function does not verify string size before copying to memory, the attacker may then be able to crash the application or run arbitrary code. 3S-Smart Software Solutions CODESYS is a PLC (programmable controller) software programming tool from 3S-Smart Software Solutions, Germany.

Trust: 2.61

sources: NVD: CVE-2017-6025 // JVNDB: JVNDB-2017-004193 // CNVD: CNVD-2017-05023 // BID: 97174 // IVD: 2d04d2e9-ba21-4bff-8204-19cf7f07fe3f

IOT TAXONOMY

category: ['ICS'], sub_category: -

Trust: 0.8

sources: IVD: 2d04d2e9-ba21-4bff-8204-19cf7f07fe3f // CNVD: CNVD-2017-05023

AFFECTED PRODUCTS

vendor: codesys, model: web server, scope: lte, version: 2.3

Trust: 1.0

vendor: 3s smart, model: codesys webserver, scope: lte, version: 2.3

Trust: 0.8

vendor: 3s smart, model: software solutions codesys gateway server, scope: lte, version: <=2.3

Trust: 0.6

vendor: codesys, model: web server, scope: eq, version: 2.3

Trust: 0.6

vendor: 3s smart, model: codesys web server, scope: eq, version: 2.3

Trust: 0.3

vendor: web server, model: -, scope: eq, version: *

Trust: 0.2

sources: IVD: 2d04d2e9-ba21-4bff-8204-19cf7f07fe3f // CNVD: CNVD-2017-05023 // BID: 97174 // JVNDB: JVNDB-2017-004193 // CNNVD: CNNVD-201702-587 // NVD: CVE-2017-6025

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-6025
value: CRITICAL

Trust: 1.0

NVD: CVE-2017-6025
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2017-05023
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201702-587
value: CRITICAL

Trust: 0.6

IVD: 2d04d2e9-ba21-4bff-8204-19cf7f07fe3f
value: CRITICAL

Trust: 0.2

nvd@nist.gov: CVE-2017-6025
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-05023
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 2d04d2e9-ba21-4bff-8204-19cf7f07fe3f
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

nvd@nist.gov: CVE-2017-6025
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: IVD: 2d04d2e9-ba21-4bff-8204-19cf7f07fe3f // CNVD: CNVD-2017-05023 // JVNDB: JVNDB-2017-004193 // CNNVD: CNNVD-201702-587 // NVD: CVE-2017-6025

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.8

problemtype:CWE-121

Trust: 1.0

sources: JVNDB: JVNDB-2017-004193 // NVD: CVE-2017-6025

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201702-587

TYPE

Buffer error

Trust: 0.8

sources: IVD: 2d04d2e9-ba21-4bff-8204-19cf7f07fe3f // CNNVD: CNNVD-201702-587

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-004193

PATCH

title: CODESYS, url: https://www.codesys.com/

Trust: 0.8

title: Patch for CoDeSys Stack Buffer Overflow Vulnerability, url: https://www.cnvd.org.cn/patchInfo/show/92344

Trust: 0.6

title: 3S-Smart Software Solutions GmbH CODESYS Web Server Buffer error vulnerability fix, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=99643

Trust: 0.6

sources: CNVD: CNVD-2017-05023 // JVNDB: JVNDB-2017-004193 // CNNVD: CNNVD-201702-587

EXTERNAL IDS

db: NVD, id: CVE-2017-6025

Trust: 3.5

db: ICS CERT, id: ICSA-17-087-02

Trust: 3.3

db: BID, id: 97174

Trust: 1.9

db: CNVD, id: CNVD-2017-05023

Trust: 0.8

db: CNNVD, id: CNNVD-201702-587

Trust: 0.8

db: JVNDB, id: JVNDB-2017-004193

Trust: 0.8

db: IVD, id: 2D04D2E9-BA21-4BFF-8204-19CF7F07FE3F

Trust: 0.2

sources: IVD: 2d04d2e9-ba21-4bff-8204-19cf7f07fe3f // CNVD: CNVD-2017-05023 // BID: 97174 // JVNDB: JVNDB-2017-004193 // CNNVD: CNNVD-201702-587 // NVD: CVE-2017-6025

REFERENCES

url:https://ics-cert.us-cert.gov/advisories/icsa-17-087-02

Trust: 3.3

url:http://www.securityfocus.com/bid/97174

Trust: 1.6

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6025

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2017-6025

Trust: 0.8

url:https://www.codesys.com/

Trust: 0.3

sources: CNVD: CNVD-2017-05023 // BID: 97174 // JVNDB: JVNDB-2017-004193 // CNNVD: CNNVD-201702-587 // NVD: CVE-2017-6025

CREDITS

David Atch of CyberX

Trust: 0.3

sources: BID: 97174

SOURCES

db: IVD, id: 2d04d2e9-ba21-4bff-8204-19cf7f07fe3f
db: CNVD, id: CNVD-2017-05023
db: BID, id: 97174
db: JVNDB, id: JVNDB-2017-004193
db: CNNVD, id: CNNVD-201702-587
db: NVD, id: CVE-2017-6025

LAST UPDATE DATE

2024-11-23T22:22:33.049000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2017-05023, date: 2017-04-22T00:00:00
db: BID, id: 97174, date: 2017-03-28T00:00:00
db: JVNDB, id: JVNDB-2017-004193, date: 2017-06-19T00:00:00
db: CNNVD, id: CNNVD-201702-587, date: 2019-10-17T00:00:00
db: NVD, id: CVE-2017-6025, date: 2024-11-21T03:28:55.753

SOURCES RELEASE DATE

db: IVD, id: 2d04d2e9-ba21-4bff-8204-19cf7f07fe3f, date: 2017-04-22T00:00:00
db: CNVD, id: CNVD-2017-05023, date: 2017-04-21T00:00:00
db: BID, id: 97174, date: 2017-03-28T00:00:00
db: JVNDB, id: JVNDB-2017-004193, date: 2017-06-19T00:00:00
db: CNNVD, id: CNNVD-201702-587, date: 2017-02-17T00:00:00
db: NVD, id: CVE-2017-6025, date: 2017-05-19T03:29:00.447