Sign-up

ID

VAR-201706-0650


CVE

CVE-2017-7965


TITLE

Schneider Electric SoMachine HVAC Stack Buffer Overflow Vulnerability

Trust: 0.8

sources: IVD: 11b1075a-684e-41ec-9aa9-c1b9110102d1 // CNVD: CNVD-2017-10357

DESCRIPTION

A buffer overflow vulnerability exists in Programming Software executable AlTracePrint.exe, in Schneider Electric's SoMachine HVAC v2.1.0 for Modicon M171/M172 Controller. SoMachine HVAC is a PLC programming software. This vulnerability stems from a security vulnerability in the call to AlTracePrint.exe, which can be exploited by an attacker to cause a buffer overflow. Schneider Electric SoMachine HVAC is prone to a local buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Successful exploits may allow attackers to execute arbitrary code in context of the application. Failed exploits may result in denial-of-service conditions. Schneider Electric SoMachine HVAC 2.1.0 is vulnerable; other versions may also be affected

Trust: 2.7

sources: NVD: CVE-2017-7965 // JVNDB: JVNDB-2017-004756 // CNVD: CNVD-2017-10357 // BID: 98449 // IVD: 11b1075a-684e-41ec-9aa9-c1b9110102d1 // VULHUB: VHN-116168

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 11b1075a-684e-41ec-9aa9-c1b9110102d1 // CNVD: CNVD-2017-10357

AFFECTED PRODUCTS

vendor:schneider electricmodel:somachine hvacscope:eqversion:2.1.0

Trust: 1.0

vendor:schneider electricmodel:somachinescope:eqversion:v2.1.0

Trust: 0.8

vendor:schneidermodel:electric somachine hvacscope:eqversion:2.1.0

Trust: 0.6

vendor:schneider electricmodel:somachinescope:eqversion:2.1.0

Trust: 0.6

vendor:schneider electricmodel:somachine hvacscope:eqversion:2.1

Trust: 0.3

vendor:schneider electricmodel:somachine hvacscope:neversion:2.2

Trust: 0.3

vendor:somachine hvacmodel: - scope:eqversion:2.1.0

Trust: 0.2

sources: IVD: 11b1075a-684e-41ec-9aa9-c1b9110102d1 // CNVD: CNVD-2017-10357 // BID: 98449 // JVNDB: JVNDB-2017-004756 // CNNVD: CNNVD-201704-903 // NVD: CVE-2017-7965

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-7965
value: HIGH

Trust: 1.0

NVD: CVE-2017-7965
value: HIGH

Trust: 0.8

CNVD: CNVD-2017-10357
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201704-903
value: HIGH

Trust: 0.6

IVD: 11b1075a-684e-41ec-9aa9-c1b9110102d1
value: MEDIUM

Trust: 0.2

VULHUB: VHN-116168
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-7965
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-10357
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 11b1075a-684e-41ec-9aa9-c1b9110102d1
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-116168
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-7965
baseSeverity: HIGH
baseScore: 7.3
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.3
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2017-7965
baseSeverity: HIGH
baseScore: 7.3
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: IVD: 11b1075a-684e-41ec-9aa9-c1b9110102d1 // CNVD: CNVD-2017-10357 // VULHUB: VHN-116168 // JVNDB: JVNDB-2017-004756 // CNNVD: CNNVD-201704-903 // NVD: CVE-2017-7965

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-116168 // JVNDB: JVNDB-2017-004756 // NVD: CVE-2017-7965

THREAT TYPE

local

Trust: 0.9

sources: BID: 98449 // CNNVD: CNNVD-201704-903

TYPE

Buffer error

Trust: 0.8

sources: IVD: 11b1075a-684e-41ec-9aa9-c1b9110102d1 // CNNVD: CNNVD-201704-903

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-004756

PATCH
title:SEVD-2017-125-01url:http://www.schneider-electric.com/en/download/document/SEVD-2017-125-01/
Trust: 0.8
title:Schneider Electric SoMachine HVAC Stack Buffer Overflow Vulnerability Patchurl:https://www.cnvd.org.cn/patchInfo/show/95693
Trust: 0.6
title:Schneider Electric Modicon M171/M172 Controller SoMachine HVAC Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=100390
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2017-10357 // 
            
            
            
            JVNDB: JVNDB-2017-004756 // 
            
            
            
            CNNVD: CNNVD-201704-903

EXTERNAL IDS
db:NVDid:CVE-2017-7965
Trust: 3.6
db:BIDid:98449
Trust: 2.6
db:SCHNEIDERid:SEVD-2017-125-01
Trust: 2.0
db:CNNVDid:CNNVD-201704-903
Trust: 0.9
db:CNVDid:CNVD-2017-10357
Trust: 0.8
db:JVNDBid:JVNDB-2017-004756
Trust: 0.8
db:ICS CERTid:ICSA-17-136-02
Trust: 0.3
db:IVDid:11B1075A-684E-41EC-9AA9-C1B9110102D1
Trust: 0.2
db:VULHUBid:VHN-116168
Trust: 0.1
sources:
            
            
            IVD: 11b1075a-684e-41ec-9aa9-c1b9110102d1 // 
            
            
            
            CNVD: CNVD-2017-10357 // 
            
            
            
            VULHUB: VHN-116168 // 
            
            
            
            BID: 98449 // 
            
            
            
            JVNDB: JVNDB-2017-004756 // 
            
            
            
            CNNVD: CNNVD-201704-903 // 
            
            
            
            NVD: CVE-2017-7965

REFERENCES
url:http://www.securityfocus.com/bid/98449
Trust: 2.3
url:http://www.schneider-electric.com/en/download/document/sevd-2017-125-01/
Trust: 2.0
url:https://nvd.nist.gov/vuln/detail/cve-2017-7965
Trust: 1.4
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7965
Trust: 0.8
url:http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true
Trust: 0.3
url:https://ics-cert.us-cert.gov/advisories/icsa-17-136-02
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2017-10357 // 
            
            
            
            VULHUB: VHN-116168 // 
            
            
            
            BID: 98449 // 
            
            
            
            JVNDB: JVNDB-2017-004756 // 
            
            
            
            CNNVD: CNNVD-201704-903 // 
            
            
            
            NVD: CVE-2017-7965

CREDITS
Zhou Yu
Trust: 0.3
sources:
            
            
            BID: 98449

SOURCES
db:IVDid:11b1075a-684e-41ec-9aa9-c1b9110102d1
db:CNVDid:CNVD-2017-10357
db:VULHUBid:VHN-116168
db:BIDid:98449
db:JVNDBid:JVNDB-2017-004756
db:CNNVDid:CNNVD-201704-903
db:NVDid:CVE-2017-7965

LAST UPDATE DATE
2024-11-23T22:34:37.099000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2017-10357date:2017-06-20T00:00:00
db:VULHUBid:VHN-116168date:2019-10-03T00:00:00
db:BIDid:98449date:2017-05-23T16:26:00
db:JVNDBid:JVNDB-2017-004756date:2017-07-06T00:00:00
db:CNNVDid:CNNVD-201704-903date:2021-08-24T00:00:00
db:NVDid:CVE-2017-7965date:2024-11-21T03:33:03.640

SOURCES RELEASE DATE
db:IVDid:11b1075a-684e-41ec-9aa9-c1b9110102d1date:2017-06-20T00:00:00
db:CNVDid:CNVD-2017-10357date:2017-06-20T00:00:00
db:VULHUBid:VHN-116168date:2017-06-07T00:00:00
db:BIDid:98449date:2017-05-05T00:00:00
db:JVNDBid:JVNDB-2017-004756date:2017-07-06T00:00:00
db:CNNVDid:CNNVD-201704-903date:2017-04-20T00:00:00
db:NVDid:CVE-2017-7965date:2017-06-07T19:29:00.197