Details of VAR-201706-0458

ID

VAR-201706-0458

CVE

CVE-2017-6030

TITLE

plural Schneider Electric Modicon PLC Modicon Vulnerability related to lack of entropy in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2017-005289

DESCRIPTION

A Predictable Value Range from Previous Values issue was discovered in Schneider Electric Modicon PLCs Modicon M221, firmware versions prior to Version 1.5.0.0, Modicon M241, firmware versions prior to Version 4.0.5.11, and Modicon M251, firmware versions prior to Version 4.0.5.11. The affected products generate insufficiently random TCP initial sequence numbers that may allow an attacker to predict the numbers from previous values. This may allow an attacker to spoof or disrupt TCP connections. Schneider Electric Modicon PLC Modicon M221 , M241 and M251 The firmware contains a vulnerability related to lack of entropy.Information is obtained and service operation is interrupted (DoS) There is a possibility of being put into a state. Schneider-Electric Modicon M251 and others are programmable controller products from Schneider Electric. An attacker could exploit the vulnerability to obtain sensitive information or perform unauthorized actions. This may lead to other attacks

Trust: 2.79

sources: NVD: CVE-2017-6030 // JVNDB: JVNDB-2017-005289 // CNVD: CNVD-2017-09891 // BID: 97254 // IVD: 4a548a03-6217-4b58-9f7d-67dbc8ed4a34 // VULHUB: VHN-114233 // VULMON: CVE-2017-6030

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: 4a548a03-6217-4b58-9f7d-67dbc8ed4a34 // CNVD: CNVD-2017-09891

AFFECTED PRODUCTS

vendor:	schneider electric	model:	modicon m221	scope:	lte	version:	1.1.1.5	Trust: 1.0
vendor:	schneider electric	model:	modicon m241	scope:	lte	version:	4.0.3.20	Trust: 1.0
vendor:	schneider electric	model:	modicon m251	scope:	lte	version:	4.0.3.20	Trust: 1.0
vendor:	schneider electric	model:	modicon m221	scope:	lt	version:	1.5.0.0	Trust: 0.8
vendor:	schneider electric	model:	modicon m241	scope:	lt	version:	4.0.5.11	Trust: 0.8
vendor:	schneider electric	model:	modicon m251	scope:	lt	version:	4.0.5.11	Trust: 0.8
vendor:	schneider	model:	electric modicon m251	scope:	-	version:	-	Trust: 0.6
vendor:	schneider	model:	electric modicon m241	scope:	-	version:	-	Trust: 0.6
vendor:	schneider	model:	electric modicon m221	scope:	-	version:	-	Trust: 0.6
vendor:	schneider electric	model:	modicon m241	scope:	eq	version:	4.0.3.20	Trust: 0.6
vendor:	schneider electric	model:	modicon m251	scope:	eq	version:	4.0.3.20	Trust: 0.6
vendor:	schneider electric	model:	modicon m221	scope:	eq	version:	1.1.1.5	Trust: 0.6
vendor:	schneider electric	model:	modicon m251	scope:	eq	version:	0	Trust: 0.3
vendor:	schneider electric	model:	modicon m241	scope:	eq	version:	0	Trust: 0.3
vendor:	schneider electric	model:	modicon m221	scope:	eq	version:	0	Trust: 0.3
vendor:	schneider electric	model:	modicon m251	scope:	ne	version:	4.0.5.11	Trust: 0.3
vendor:	schneider electric	model:	modicon m241	scope:	ne	version:	4.0.5.11	Trust: 0.3
vendor:	schneider electric	model:	modicon m221	scope:	ne	version:	1.5.0.0	Trust: 0.3
vendor:	modicon m241	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	modicon m251	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	modicon m221	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: 4a548a03-6217-4b58-9f7d-67dbc8ed4a34 // CNVD: CNVD-2017-09891 // BID: 97254 // JVNDB: JVNDB-2017-005289 // CNNVD: CNNVD-201702-582 // NVD: CVE-2017-6030

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-6030
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2017-6030
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2017-09891
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201702-582
value:	MEDIUM
Trust: 0.6
IVD:	4a548a03-6217-4b58-9f7d-67dbc8ed4a34
value:	CRITICAL
Trust: 0.2
VULHUB:	VHN-114233
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2017-6030
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2017-6030
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
NVD:	CVE-2017-6030
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.9
CNVD:	CNVD-2017-09891
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	4a548a03-6217-4b58-9f7d-67dbc8ed4a34
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-114233
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-6030
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	3.9
impactScore:	2.5
version:	3.1
Trust: 1.0
NVD:	CVE-2017-6030
baseSeverity:	CRITICAL
baseScore:	9.1
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: IVD: 4a548a03-6217-4b58-9f7d-67dbc8ed4a34 // CNVD: CNVD-2017-09891 // VULHUB: VHN-114233 // VULMON: CVE-2017-6030 // JVNDB: JVNDB-2017-005289 // CNNVD: CNNVD-201702-582 // NVD: CVE-2017-6030

PROBLEMTYPE DATA

problemtype:	CWE-331	Trust: 1.9
problemtype:	CWE-343	Trust: 1.0

sources: VULHUB: VHN-114233 // JVNDB: JVNDB-2017-005289 // NVD: CVE-2017-6030

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201702-582

TYPE

security feature problem

Trust: 0.6

sources: CNNVD: CNNVD-201702-582

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-005289

PATCH

title:	SEVD-2017-075-01	url:	http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2017-075-01	Trust: 0.8
title:	Multiple Schneider Electric Modicon Products TCP Initial Serial Number Prediction Vulnerability Patch	url:	https://www.cnvd.org.cn/patchInfo/show/95622	Trust: 0.6
title:	CVE-2017-6030	url:	https://github.com/AlAIAL90/CVE-2017-6030	Trust: 0.1

sources: CNVD: CNVD-2017-09891 // VULMON: CVE-2017-6030 // JVNDB: JVNDB-2017-005289

EXTERNAL IDS

db:	NVD	id:	CVE-2017-6030	Trust: 3.7
db:	ICS CERT	id:	ICSA-17-089-02	Trust: 2.9
db:	BID	id:	97254	Trust: 2.7
db:	CNNVD	id:	CNNVD-201702-582	Trust: 0.9
db:	CNVD	id:	CNVD-2017-09891	Trust: 0.8
db:	JVNDB	id:	JVNDB-2017-005289	Trust: 0.8
db:	IVD	id:	4A548A03-6217-4B58-9F7D-67DBC8ED4A34	Trust: 0.2
db:	VULHUB	id:	VHN-114233	Trust: 0.1
db:	VULMON	id:	CVE-2017-6030	Trust: 0.1

sources: IVD: 4a548a03-6217-4b58-9f7d-67dbc8ed4a34 // CNVD: CNVD-2017-09891 // VULHUB: VHN-114233 // VULMON: CVE-2017-6030 // BID: 97254 // JVNDB: JVNDB-2017-005289 // CNNVD: CNNVD-201702-582 // NVD: CVE-2017-6030

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-17-089-02	Trust: 3.0
url:	http://www.securityfocus.com/bid/97254	Trust: 2.4
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6030	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-6030	Trust: 0.8
url:	http://www.schneider-electric.com/products/ww/en/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/331.html	Trust: 0.1
url:	https://github.com/alaial90/cve-2017-6030	Trust: 0.1
url:	https://tools.cisco.com/security/center/viewalert.x?alertid=53310	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: CNVD: CNVD-2017-09891 // VULHUB: VHN-114233 // VULMON: CVE-2017-6030 // BID: 97254 // JVNDB: JVNDB-2017-005289 // CNNVD: CNNVD-201702-582 // NVD: CVE-2017-6030

CREDITS

David Formby and Raheem Beyah of Georgia Tech and Fortiphyd Logic, Inc

Trust: 0.3

sources: BID: 97254

SOURCES

db:	IVD	id:	4a548a03-6217-4b58-9f7d-67dbc8ed4a34
db:	CNVD	id:	CNVD-2017-09891
db:	VULHUB	id:	VHN-114233
db:	VULMON	id:	CVE-2017-6030
db:	BID	id:	97254
db:	JVNDB	id:	JVNDB-2017-005289
db:	CNNVD	id:	CNNVD-201702-582
db:	NVD	id:	CVE-2017-6030

LAST UPDATE DATE

2024-11-23T21:54:00.544000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-09891	date:	2017-06-16T00:00:00
db:	VULHUB	id:	VHN-114233	date:	2019-10-09T00:00:00
db:	VULMON	id:	CVE-2017-6030	date:	2021-08-26T00:00:00
db:	BID	id:	97254	date:	2017-04-04T00:02:00
db:	JVNDB	id:	JVNDB-2017-005289	date:	2017-07-26T00:00:00
db:	CNNVD	id:	CNNVD-201702-582	date:	2022-03-10T00:00:00
db:	NVD	id:	CVE-2017-6030	date:	2024-11-21T03:28:56.400

SOURCES RELEASE DATE

db:	IVD	id:	4a548a03-6217-4b58-9f7d-67dbc8ed4a34	date:	2017-06-16T00:00:00
db:	CNVD	id:	CNVD-2017-09891	date:	2017-06-16T00:00:00
db:	VULHUB	id:	VHN-114233	date:	2017-06-30T00:00:00
db:	VULMON	id:	CVE-2017-6030	date:	2017-06-30T00:00:00
db:	BID	id:	97254	date:	2017-03-30T00:00:00
db:	JVNDB	id:	JVNDB-2017-005289	date:	2017-07-26T00:00:00
db:	CNNVD	id:	CNNVD-201702-582	date:	2017-02-17T00:00:00
db:	NVD	id:	CVE-2017-6030	date:	2017-06-30T03:29:00.390