Details of VAR-201804-1337

ID

VAR-201804-1337

CVE

CVE-2018-7761

TITLE

plural Schneider Electric Vulnerability related to input validation in products

Trust: 0.8

sources: JVNDB: JVNDB-2018-004491

DESCRIPTION

A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbitrary code execution. plural Schneider Electric The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Schneider Electric Modicon M340 and others are programmable logic controller products from Schneider Electric, France. The HTTP request parser is one of the HTTP request parsers. A remote attacker can exploit this vulnerability to execute arbitrary code

Trust: 2.43

sources: NVD: CVE-2018-7761 // JVNDB: JVNDB-2018-004491 // CNVD: CNVD-2018-11261 // IVD: e2f26cc0-39ab-11e9-b2f8-000c29342cb1 // VULHUB: VHN-137793

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: e2f26cc0-39ab-11e9-b2f8-000c29342cb1 // CNVD: CNVD-2018-11261

AFFECTED PRODUCTS

vendor:	schneider electric	model:	140cpu65860	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	140cpu31110c	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	140cpu65160s	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	140cpu65260	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	140cpu65160	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	140cpu43412uc	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	140cpu65150c	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	140cpu65860c	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	140cpu65160c	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	tsxp57154m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp57254mc	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	modicon m340 bmxp342000	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp57204mc	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp57254m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp57454mc	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp575634m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp57554m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	140cpu31110	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp57554mc	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp57104mc	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp575634mc	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp574634mc	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	modicon m340 bmxp341000h	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp57454m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp573634mc	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp571634mc	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp573634m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp57104m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxh5744mc	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp57304m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp57304mc	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp57354m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxh5744m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp57154mc	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp576634mc	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	modicon m340 bmxp342020h	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp571634m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	modicon m340 bmxp3420302h	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	140cpu65260c	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	modicon m340 bmxp3420302cl	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	bmxnor0200	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	bmxnor0200h	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	140cpu43412u	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp574634m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	modicon m340 bmxp3420302	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxh5724mc	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	modicon m340 bmxp341000	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	modicon m340 bmxp342020	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp572634mc	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	140cpu65150	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	modicon m340 bmxp3420102cl	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp57204m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp572634m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	modicon m340 bmxp3420102	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp57354mc	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp576634m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxh5724m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	140cpu31110	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	bmxnor0200	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	bmxp341000	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	tsxh5724m	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	tsxp57104m	scope:	-	version:	-	Trust: 0.8
vendor:	schneider	model:	electric modicon premium	scope:	-	version:	-	Trust: 0.6
vendor:	schneider	model:	electric modicon m340	scope:	-	version:	-	Trust: 0.6
vendor:	schneider	model:	electric modicon quantum plc	scope:	-	version:	-	Trust: 0.6
vendor:	schneider	model:	electric bmxnor0200	scope:	-	version:	-	Trust: 0.6
vendor:	schneider electric	model:	bmxp341000	scope:	eq	version:	-	Trust: 0.6
vendor:	140cpu65160c	model:	-	scope:	eq	version:	-	Trust: 0.4
vendor:	tsxh5724m	model:	-	scope:	eq	version:	-	Trust: 0.4
vendor:	tsxh5744mc	model:	-	scope:	eq	version:	-	Trust: 0.4
vendor:	bmxnor0200	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	140cpu65150c	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	140cpu31110c	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	140cpu43412uc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	140cpu65260c	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	140cpu65860c	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxp341000	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxp342000	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxp3420102	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxnor0200h	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxp3420102cl	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxp342020	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxp3420302	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxp3420302cl	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxp3420302h	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxp342020h	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxp341000h	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxh5744m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57104m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	140cpu65150	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57154m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp571634m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57204m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57254m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp572634m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57304m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57354m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp573634m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57454m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp574634m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	140cpu31110	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp575634m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp576634m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxh5724mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57104mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57154mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp571634mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57204mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57254mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp572634mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	140cpu43412u	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57304mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57354mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp573634mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57454mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp574634mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57554mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp575634mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp576634mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	140cpu65160	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57554m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	140cpu65260	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	140cpu65860	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	140cpu65160s	model:	-	scope:	eq	version:	-	Trust: 0.2

sources: IVD: e2f26cc0-39ab-11e9-b2f8-000c29342cb1 // CNVD: CNVD-2018-11261 // JVNDB: JVNDB-2018-004491 // CNNVD: CNNVD-201804-823 // NVD: CVE-2018-7761

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-7761
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2018-7761
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2018-11261
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201804-823
value:	HIGH
Trust: 0.6
IVD:	e2f26cc0-39ab-11e9-b2f8-000c29342cb1
value:	HIGH
Trust: 0.2
VULHUB:	VHN-137793
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-7761
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-11261
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	e2f26cc0-39ab-11e9-b2f8-000c29342cb1
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-137793
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-7761
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: IVD: e2f26cc0-39ab-11e9-b2f8-000c29342cb1 // CNVD: CNVD-2018-11261 // VULHUB: VHN-137793 // JVNDB: JVNDB-2018-004491 // CNNVD: CNNVD-201804-823 // NVD: CVE-2018-7761

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-137793 // JVNDB: JVNDB-2018-004491 // NVD: CVE-2018-7761

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201804-823

TYPE

Input validation

Trust: 0.8

sources: IVD: e2f26cc0-39ab-11e9-b2f8-000c29342cb1 // CNNVD: CNNVD-201804-823

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-004491

PATCH

title:

SEVD-2018-081-02

url:

https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2018-081-02+Modicon.pdf&p_Doc_Ref=SEVD-2018-081-02

Trust: 0.8

sources: JVNDB: JVNDB-2018-004491

EXTERNAL IDS

db:	NVD	id:	CVE-2018-7761	Trust: 3.3
db:	SCHNEIDER	id:	SEVD-2018-081-02	Trust: 2.3
db:	CNNVD	id:	CNNVD-201804-823	Trust: 0.9
db:	CNVD	id:	CNVD-2018-11261	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-004491	Trust: 0.8
db:	IVD	id:	E2F26CC0-39AB-11E9-B2F8-000C29342CB1	Trust: 0.2
db:	VULHUB	id:	VHN-137793	Trust: 0.1

sources: IVD: e2f26cc0-39ab-11e9-b2f8-000c29342cb1 // CNVD: CNVD-2018-11261 // VULHUB: VHN-137793 // JVNDB: JVNDB-2018-004491 // CNNVD: CNNVD-201804-823 // NVD: CVE-2018-7761

REFERENCES

url:	https://www.schneider-electric.com/en/download/document/sevd-2018-081-02/	Trust: 2.3
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7761	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-7761	Trust: 0.8

sources: CNVD: CNVD-2018-11261 // VULHUB: VHN-137793 // JVNDB: JVNDB-2018-004491 // CNNVD: CNNVD-201804-823 // NVD: CVE-2018-7761

SOURCES

db:	IVD	id:	e2f26cc0-39ab-11e9-b2f8-000c29342cb1
db:	CNVD	id:	CNVD-2018-11261
db:	VULHUB	id:	VHN-137793
db:	JVNDB	id:	JVNDB-2018-004491
db:	CNNVD	id:	CNNVD-201804-823
db:	NVD	id:	CVE-2018-7761

LAST UPDATE DATE

2024-11-23T21:39:00.367000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-11261	date:	2018-06-12T00:00:00
db:	VULHUB	id:	VHN-137793	date:	2018-05-24T00:00:00
db:	JVNDB	id:	JVNDB-2018-004491	date:	2018-06-21T00:00:00
db:	CNNVD	id:	CNNVD-201804-823	date:	2018-05-09T00:00:00
db:	NVD	id:	CVE-2018-7761	date:	2024-11-21T04:12:41.250

SOURCES RELEASE DATE

db:	IVD	id:	e2f26cc0-39ab-11e9-b2f8-000c29342cb1	date:	2018-06-12T00:00:00
db:	CNVD	id:	CNVD-2018-11261	date:	2018-06-12T00:00:00
db:	VULHUB	id:	VHN-137793	date:	2018-04-18T00:00:00
db:	JVNDB	id:	JVNDB-2018-004491	date:	2018-06-21T00:00:00
db:	CNNVD	id:	CNNVD-201804-823	date:	2018-04-18T00:00:00
db:	NVD	id:	CVE-2018-7761	date:	2018-04-18T20:29:00.793