ID

VAR-201708-1125


CVE

CVE-2017-12711


TITLE

Advantech WebAccess Vulnerabilities related to authorization, permissions, and access control

Trust: 0.8

sources: JVNDB: JVNDB-2017-007576

DESCRIPTION

An Incorrect Privilege Assignment issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. A built-in user account has been granted a sensitive privilege that may allow a user to elevate to administrative privileges. Advantech WebAccess Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple stack-based buffer-overflow vulnerabilities 2. Multiple heap-based buffer-overflow vulnerabilities. 3. Multiple memory-corruption vulnerabilities. 4. An SQL-injection vulnerability. 5. A format-string vulnerability. 6. An authentication-bypass vulnerability. 7. A security-bypass vulnerability. 8. A privilege-escalation vulnerability. 9. A remote-code execution vulnerability. An attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database,perform certain unauthorized actions, gain unauthorized access and gain elevated privileges. This may aid in further attacks. Advantech WebAccess versions prior to V8.2_20170817 are vulnerable. There is a security vulnerability in Advantech WebAccess 8.2_20170817 and earlier versions, the vulnerability is caused by the program not having the correct assigned permissions

Trust: 2.7

sources: NVD: CVE-2017-12711 // JVNDB: JVNDB-2017-007576 // CNVD: CNVD-2017-23879 // BID: 100526 // IVD: ed6c966e-7696-4b6d-91c4-d23a85d19a60 // VULHUB: VHN-103261

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: ed6c966e-7696-4b6d-91c4-d23a85d19a60 // CNVD: CNVD-2017-23879

AFFECTED PRODUCTS

vendor:advantechmodel:webaccessscope:lteversion:8.2

Trust: 1.0

vendor:advantechmodel:webaccessscope:eqversion:8.2

Trust: 0.9

vendor:advantechmodel:webaccessscope:ltversion:8.2_20170817

Trust: 0.8

vendor:advantechmodel:webaccess <v8.2 20170817scope: - version: -

Trust: 0.6

vendor:advantechmodel:webaccess 8.2 20170330scope: - version: -

Trust: 0.3

vendor:advantechmodel:webaccess 8.1 20160519scope: - version: -

Trust: 0.3

vendor:advantechmodel:webaccess 8.0 20150816scope: - version: -

Trust: 0.3

vendor:advantechmodel:webaccessscope:eqversion:8

Trust: 0.3

vendor:advantechmodel:webaccess 8.2 20170817scope:neversion: -

Trust: 0.3

vendor:advantechmodel:webaccessscope:neversion:8.1

Trust: 0.3

vendor:webaccessmodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: ed6c966e-7696-4b6d-91c4-d23a85d19a60 // CNVD: CNVD-2017-23879 // BID: 100526 // JVNDB: JVNDB-2017-007576 // CNNVD: CNNVD-201708-1276 // NVD: CVE-2017-12711

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-12711
value: HIGH

Trust: 1.0

NVD: CVE-2017-12711
value: HIGH

Trust: 0.8

CNVD: CNVD-2017-23879
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201708-1276
value: HIGH

Trust: 0.6

IVD: ed6c966e-7696-4b6d-91c4-d23a85d19a60
value: HIGH

Trust: 0.2

VULHUB: VHN-103261
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-12711
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-23879
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: ed6c966e-7696-4b6d-91c4-d23a85d19a60
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-103261
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-12711
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: IVD: ed6c966e-7696-4b6d-91c4-d23a85d19a60 // CNVD: CNVD-2017-23879 // VULHUB: VHN-103261 // JVNDB: JVNDB-2017-007576 // CNNVD: CNNVD-201708-1276 // NVD: CVE-2017-12711

PROBLEMTYPE DATA

problemtype:CWE-266

Trust: 1.0

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-264

Trust: 0.9

sources: VULHUB: VHN-103261 // JVNDB: JVNDB-2017-007576 // NVD: CVE-2017-12711

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201708-1276

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-201708-1276

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-007576

PATCH

title:Advantech WebAccessurl:http://www.advantech.com/industrial-automation/webaccess

Trust: 0.8

title:Patch for Advantech WebAccess Privilege Escalation Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/101163

Trust: 0.6

title:Advantech WebAccess Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74365

Trust: 0.6

sources: CNVD: CNVD-2017-23879 // JVNDB: JVNDB-2017-007576 // CNNVD: CNNVD-201708-1276

EXTERNAL IDS

db:NVDid:CVE-2017-12711

Trust: 3.6

db:ICS CERTid:ICSA-17-241-02

Trust: 3.4

db:BIDid:100526

Trust: 2.0

db:CNNVDid:CNNVD-201708-1276

Trust: 0.9

db:CNVDid:CNVD-2017-23879

Trust: 0.8

db:JVNDBid:JVNDB-2017-007576

Trust: 0.8

db:IVDid:ED6C966E-7696-4B6D-91C4-D23A85D19A60

Trust: 0.2

db:VULHUBid:VHN-103261

Trust: 0.1

sources: IVD: ed6c966e-7696-4b6d-91c4-d23a85d19a60 // CNVD: CNVD-2017-23879 // VULHUB: VHN-103261 // BID: 100526 // JVNDB: JVNDB-2017-007576 // CNNVD: CNNVD-201708-1276 // NVD: CVE-2017-12711

REFERENCES

url:https://ics-cert.us-cert.gov/advisories/icsa-17-241-02

Trust: 3.4

url:http://www.securityfocus.com/bid/100526

Trust: 1.7

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12711

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2017-12711

Trust: 0.8

url:http://webaccess.advantech.com

Trust: 0.3

sources: CNVD: CNVD-2017-23879 // VULHUB: VHN-103261 // BID: 100526 // JVNDB: JVNDB-2017-007576 // CNNVD: CNNVD-201708-1276 // NVD: CVE-2017-12711

CREDITS

Fritz Sands, rgod, Tenable Network Security,an anonymous researcher all working with Trend Micro??s Zero Day Initiative, and Haojun Hou and DongWang from ADLab of Venustech.

Trust: 0.3

sources: BID: 100526

SOURCES

db:IVDid:ed6c966e-7696-4b6d-91c4-d23a85d19a60
db:CNVDid:CNVD-2017-23879
db:VULHUBid:VHN-103261
db:BIDid:100526
db:JVNDBid:JVNDB-2017-007576
db:CNNVDid:CNNVD-201708-1276
db:NVDid:CVE-2017-12711

LAST UPDATE DATE

2024-08-14T13:29:58.203000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2017-23879date:2017-08-30T00:00:00
db:VULHUBid:VHN-103261date:2019-10-09T00:00:00
db:BIDid:100526date:2017-08-29T00:00:00
db:JVNDBid:JVNDB-2017-007576date:2017-12-28T00:00:00
db:CNNVDid:CNNVD-201708-1276date:2019-10-17T00:00:00
db:NVDid:CVE-2017-12711date:2019-10-09T23:23:11.060

SOURCES RELEASE DATE

db:IVDid:ed6c966e-7696-4b6d-91c4-d23a85d19a60date:2017-08-30T00:00:00
db:CNVDid:CNVD-2017-23879date:2017-08-30T00:00:00
db:VULHUBid:VHN-103261date:2017-08-30T00:00:00
db:BIDid:100526date:2017-08-29T00:00:00
db:JVNDBid:JVNDB-2017-007576date:2017-09-25T00:00:00
db:CNNVDid:CNNVD-201708-1276date:2017-08-31T00:00:00
db:NVDid:CVE-2017-12711date:2017-08-30T18:29:00.827