Sign-up

ID

VAR-201708-1117


CVE

CVE-2017-12702


TITLE

Advantech WebAccess Vulnerabilities related to format strings

Trust: 0.8

sources: JVNDB: JVNDB-2017-007572

DESCRIPTION

An Externally Controlled Format String issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. String format specifiers based on user provided input are not properly validated, which could allow an attacker to execute arbitrary code. Advantech WebAccess Contains a format string vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple stack-based buffer-overflow vulnerabilities 2. Multiple heap-based buffer-overflow vulnerabilities. 3. Multiple memory-corruption vulnerabilities. 4. An SQL-injection vulnerability. 5. A format-string vulnerability. 6. An authentication-bypass vulnerability. 7. A security-bypass vulnerability. 8. A privilege-escalation vulnerability. 9. A remote-code execution vulnerability. An attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database,perform certain unauthorized actions, gain unauthorized access and gain elevated privileges. This may aid in further attacks. Advantech WebAccess versions prior to V8.2_20170817 are vulnerable

Trust: 2.7

sources: NVD: CVE-2017-12702 // JVNDB: JVNDB-2017-007572 // CNVD: CNVD-2017-23882 // BID: 100526 // IVD: 446b7b63-01fd-49d1-9bc1-399f42387092 // VULHUB: VHN-103251

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 446b7b63-01fd-49d1-9bc1-399f42387092 // CNVD: CNVD-2017-23882

AFFECTED PRODUCTS

vendor:advantechmodel:webaccessscope:lteversion:8.2

Trust: 1.0

vendor:advantechmodel:webaccessscope:eqversion:8.2

Trust: 0.9

vendor:advantechmodel:webaccessscope:ltversion:8.2_20170817

Trust: 0.8

vendor:advantechmodel:webaccess <v8.2 20170817scope: - version: -

Trust: 0.6

vendor:advantechmodel:webaccess 8.2 20170330scope: - version: -

Trust: 0.3

vendor:advantechmodel:webaccess 8.1 20160519scope: - version: -

Trust: 0.3

vendor:advantechmodel:webaccess 8.0 20150816scope: - version: -

Trust: 0.3

vendor:advantechmodel:webaccessscope:eqversion:8

Trust: 0.3

vendor:advantechmodel:webaccess 8.2 20170817scope:neversion: -

Trust: 0.3

vendor:advantechmodel:webaccessscope:neversion:8.1

Trust: 0.3

vendor:webaccessmodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: 446b7b63-01fd-49d1-9bc1-399f42387092 // CNVD: CNVD-2017-23882 // BID: 100526 // JVNDB: JVNDB-2017-007572 // CNNVD: CNNVD-201708-1281 // NVD: CVE-2017-12702

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-12702
value: HIGH

Trust: 1.0

NVD: CVE-2017-12702
value: HIGH

Trust: 0.8

CNVD: CNVD-2017-23882
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201708-1281
value: HIGH

Trust: 0.6

IVD: 446b7b63-01fd-49d1-9bc1-399f42387092
value: HIGH

Trust: 0.2

VULHUB: VHN-103251
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-12702
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-23882
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 446b7b63-01fd-49d1-9bc1-399f42387092
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-103251
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-12702
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: IVD: 446b7b63-01fd-49d1-9bc1-399f42387092 // CNVD: CNVD-2017-23882 // VULHUB: VHN-103251 // JVNDB: JVNDB-2017-007572 // CNNVD: CNNVD-201708-1281 // NVD: CVE-2017-12702

PROBLEMTYPE DATA

problemtype:CWE-134

Trust: 1.8

sources: JVNDB: JVNDB-2017-007572 // NVD: CVE-2017-12702

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201708-1281

TYPE

Format string error

Trust: 0.8

sources: IVD: 446b7b63-01fd-49d1-9bc1-399f42387092 // CNNVD: CNNVD-201708-1281

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-007572

PATCH
title:Advantech WebAccessurl:http://www.advantech.com/industrial-automation/webaccess
Trust: 0.8
title:Patch for Advantech WebAccess Arbitrary Code Execution Vulnerability (CNVD-2017-23882)url:https://www.cnvd.org.cn/patchInfo/show/101166
Trust: 0.6
title:Advantech WebAccess Fixes for formatting string vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74370
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2017-23882 // 
            
            
            
            JVNDB: JVNDB-2017-007572 // 
            
            
            
            CNNVD: CNNVD-201708-1281

EXTERNAL IDS
db:NVDid:CVE-2017-12702
Trust: 3.6
db:ICS CERTid:ICSA-17-241-02
Trust: 3.4
db:BIDid:100526
Trust: 2.0
db:CNNVDid:CNNVD-201708-1281
Trust: 0.9
db:CNVDid:CNVD-2017-23882
Trust: 0.8
db:JVNDBid:JVNDB-2017-007572
Trust: 0.8
db:IVDid:446B7B63-01FD-49D1-9BC1-399F42387092
Trust: 0.2
db:VULHUBid:VHN-103251
Trust: 0.1
sources:
            
            
            IVD: 446b7b63-01fd-49d1-9bc1-399f42387092 // 
            
            
            
            CNVD: CNVD-2017-23882 // 
            
            
            
            VULHUB: VHN-103251 // 
            
            
            
            BID: 100526 // 
            
            
            
            JVNDB: JVNDB-2017-007572 // 
            
            
            
            CNNVD: CNNVD-201708-1281 // 
            
            
            
            NVD: CVE-2017-12702

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-17-241-02
Trust: 3.4
url:http://www.securityfocus.com/bid/100526
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12702
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-12702
Trust: 0.8
url:http://webaccess.advantech.com
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2017-23882 // 
            
            
            
            VULHUB: VHN-103251 // 
            
            
            
            BID: 100526 // 
            
            
            
            JVNDB: JVNDB-2017-007572 // 
            
            
            
            CNNVD: CNNVD-201708-1281 // 
            
            
            
            NVD: CVE-2017-12702

CREDITS
Fritz Sands, rgod, Tenable Network Security,an anonymous researcher all working with Trend Micro??s Zero Day Initiative, and Haojun Hou and DongWang from ADLab of Venustech.
Trust: 0.3
sources:
            
            
            BID: 100526

SOURCES
db:IVDid:446b7b63-01fd-49d1-9bc1-399f42387092
db:CNVDid:CNVD-2017-23882
db:VULHUBid:VHN-103251
db:BIDid:100526
db:JVNDBid:JVNDB-2017-007572
db:CNNVDid:CNNVD-201708-1281
db:NVDid:CVE-2017-12702

LAST UPDATE DATE
2024-08-14T13:29:58.290000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2017-23882date:2017-09-04T00:00:00
db:VULHUBid:VHN-103251date:2019-10-09T00:00:00
db:BIDid:100526date:2017-08-29T00:00:00
db:JVNDBid:JVNDB-2017-007572date:2017-09-25T00:00:00
db:CNNVDid:CNNVD-201708-1281date:2019-10-17T00:00:00
db:NVDid:CVE-2017-12702date:2019-10-09T23:23:10.107

SOURCES RELEASE DATE
db:IVDid:446b7b63-01fd-49d1-9bc1-399f42387092date:2017-08-30T00:00:00
db:CNVDid:CNVD-2017-23882date:2017-08-30T00:00:00
db:VULHUBid:VHN-103251date:2017-08-30T00:00:00
db:BIDid:100526date:2017-08-29T00:00:00
db:JVNDBid:JVNDB-2017-007572date:2017-09-25T00:00:00
db:CNNVDid:CNNVD-201708-1281date:2017-08-31T00:00:00
db:NVDid:CVE-2017-12702date:2017-08-30T18:29:00.360