Details of VAR-202011-1297

ID

VAR-202011-1297

CVE

CVE-2020-7538

TITLE

Schneider Electric Made PLC Simulator for EcoStruxure Control Expert Multiple vulnerabilities in

Trust: 0.8

sources: JVNDB: JVNDB-2020-009547

DESCRIPTION

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause a crash of the PLC simulator present in EcoStruxureª Control Expert software when receiving a specially crafted request over Modbus. ‥ * By a remote third party Modbus If you send a specially crafted request via EcoStruxure Control Expert of PLC Simulator Is crashed - CVE-2020-7559 , CVE-2020-7538 ‥ * Authentication is bypassed if the memory is overwritten by a local third party using the debugger - CVE-2020-28211 ‥ * By a remote third party Modbus Brute force attack via brute force executes unauthorized commands - CVE-2020-28212 ‥ * By a remote third party Modbus If a specially crafted request is sent via, an unauthorized command will be executed - CVE-2020-28213. Schneider Electric EcoStruxure Control Expert (formerly known as Unity Pro) is a set of programming software for Schneider Electric logic controller products from French Schneider Electric (Schneider Electric). No detailed vulnerability details are currently provided

Trust: 2.16

sources: NVD: CVE-2020-7538 // JVNDB: JVNDB-2020-009547 // CNVD: CNVD-2021-31183

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-31183

AFFECTED PRODUCTS

vendor:	schneider electric	model:	ecostruxure control expert	scope:	eq	version:	*	Trust: 1.0
vendor:	schneider electric	model:	plc simulator	scope:	eq	version:	for ecostruxure control expert 全て	Trust: 0.8
vendor:	schneider electric	model:	plc simulator	scope:	eq	version:	for unity pro (旧称：ecostruxure control expert) 全て	Trust: 0.8
vendor:	schneider	model:	electric ecostruxure control expert	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2021-31183 // JVNDB: JVNDB-2020-009547 // NVD: CVE-2020-7538

CVSS

SEVERITY

CVSSV2

CVSSV3

IPA:	JVNDB-2020-009547
value:	HIGH
Trust: 2.4
IPA:	JVNDB-2020-009547
value:	CRITICAL
Trust: 1.6
nvd@nist.gov:	CVE-2020-7538
value:	HIGH
Trust: 1.0
CNVD:	CNVD-2021-31183
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202011-842
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2020-7538
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
CNVD:	CNVD-2021-31183
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2020-7538
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
IPA score:	JVNDB-2020-009547
baseSeverity:	CRITICAL
baseScore:	10
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
IPA score:	JVNDB-2020-009547
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
IPA score:	JVNDB-2020-009547
baseSeverity:	HIGH
baseScore:	7.4
vectorString:	CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
IPA score:	JVNDB-2020-009547
baseSeverity:	CRITICAL
baseScore:	9.1
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
IPA score:	JVNDB-2020-009547
baseSeverity:	HIGH
baseScore:	8.1
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2021-31183 // JVNDB: JVNDB-2020-009547 // JVNDB: JVNDB-2020-009547 // JVNDB: JVNDB-2020-009547 // JVNDB: JVNDB-2020-009547 // JVNDB: JVNDB-2020-009547 // CNNVD: CNNVD-202011-842 // NVD: CVE-2020-7538

PROBLEMTYPE DATA

problemtype:	CWE-754	Trust: 1.8
problemtype:	CWE-494	Trust: 0.8
problemtype:	CWE-307	Trust: 0.8
problemtype:	CWE-120	Trust: 0.8
problemtype:	CWE-863	Trust: 0.8

sources: JVNDB: JVNDB-2020-009547 // NVD: CVE-2020-7538

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202011-842

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-202011-842

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-009547

PATCH

title:	EcoStruxure Control Expert	url:	https://www.se.com/ww/en/product-range-download/548-ecostruxure%E2%84%A2-control-expert/?parent-subcategory-id=3950&filter=business-1-industrial-automation-and-control&selected-node-id=12365959203#/software-firmware-tab	Trust: 0.8
title:	Security Notification - PLC Simulator on EcoStruxure™ Control Expert	url:	https://www.se.com/ww/en/download/document/SEVD-2020-315-07/	Trust: 0.8
title:	Patch for Schneider Electric EcoStruxure Control Expert PLC Denial of Service Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/261466	Trust: 0.6
title:	Schneider Electric EcoStruxure Control Expert Fixes for code issue vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=137113	Trust: 0.6

sources: CNVD: CNVD-2021-31183 // JVNDB: JVNDB-2020-009547 // CNNVD: CNNVD-202011-842

EXTERNAL IDS

db:	NVD	id:	CVE-2020-7538	Trust: 3.0
db:	ICS CERT	id:	ICSA-20-315-03	Trust: 2.0
db:	SCHNEIDER	id:	SEVD-2020-315-07	Trust: 1.6
db:	JVN	id:	JVNVU92857198	Trust: 0.8
db:	JVNDB	id:	JVNDB-2020-009547	Trust: 0.8
db:	CNVD	id:	CNVD-2021-31183	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.4042	Trust: 0.6
db:	CNNVD	id:	CNNVD-202011-842	Trust: 0.6

sources: CNVD: CNVD-2021-31183 // JVNDB: JVNDB-2020-009547 // CNNVD: CNNVD-202011-842 // NVD: CVE-2020-7538

REFERENCES

url:	https://us-cert.cisa.gov/ics/advisories/icsa-20-315-03	Trust: 2.0
url:	https://www.se.com/ww/en/download/document/sevd-2020-315-07/	Trust: 1.6
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7559	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7538	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-28211	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-28212	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-28213	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu92857198/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-7538	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.4042/	Trust: 0.6

sources: CNVD: CNVD-2021-31183 // JVNDB: JVNDB-2020-009547 // CNNVD: CNNVD-202011-842 // NVD: CVE-2020-7538

SOURCES

db:	CNVD	id:	CNVD-2021-31183
db:	JVNDB	id:	JVNDB-2020-009547
db:	CNNVD	id:	CNNVD-202011-842
db:	NVD	id:	CVE-2020-7538

LAST UPDATE DATE

2024-08-14T13:54:25.579000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2021-31183	date:	2021-04-26T00:00:00
db:	JVNDB	id:	JVNDB-2020-009547	date:	2020-11-12T06:49:50
db:	CNNVD	id:	CNNVD-202011-842	date:	2022-03-10T00:00:00
db:	NVD	id:	CVE-2020-7538	date:	2022-01-31T19:33:27.460

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2021-31183	date:	2021-04-26T00:00:00
db:	JVNDB	id:	JVNDB-2020-009547	date:	2020-11-12T06:49:50
db:	CNNVD	id:	CNNVD-202011-842	date:	2020-11-10T00:00:00
db:	NVD	id:	CVE-2020-7538	date:	2020-11-19T22:15:14.020