Sign-up

ID

VAR-202101-0140


CVE

CVE-2020-16236


TITLE

Made by Panasonic FPWIN Pro Out-of-bounds read vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2021-001002

DESCRIPTION

FPWIN Pro is vulnerable to an out-of-bounds read vulnerability when a user opens a maliciously crafted project file, which may allow an attacker to remotely execute arbitrary code. FPWIN Pro Is provided by Panasonic Corporation PLC Programming software for. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of PRO files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process

Trust: 2.34

sources: NVD: CVE-2020-16236 // JVNDB: JVNDB-2021-001002 // ZDI: ZDI-21-068 // VULMON: CVE-2020-16236

AFFECTED PRODUCTS

vendor:panasonicmodel:fpwin proscope:ltversion:7.5.0.1

Trust: 1.0

vendor:panasonicmodel:fpwin proscope:eqversion:version 7.5.0.0

Trust: 0.8

vendor:panasonicmodel:control fpwin proscope: - version: -

Trust: 0.7

sources: ZDI: ZDI-21-068 // JVNDB: JVNDB-2021-001002 // NVD: CVE-2020-16236

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-16236
value: HIGH

Trust: 1.0

IPA: JVNDB-2021-001002
value: HIGH

Trust: 0.8

ZDI: CVE-2020-16236
value: HIGH

Trust: 0.7

CNNVD: CNNVD-202101-236
value: HIGH

Trust: 0.6

VULMON: CVE-2020-16236
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-16236
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

nvd@nist.gov: CVE-2020-16236
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

IPA score: JVNDB-2021-001002
baseSeverity: HIGH
baseScore: 7.3
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2020-16236
baseSeverity: HIGH
baseScore: 7.8
vectorString: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-21-068 // VULMON: CVE-2020-16236 // JVNDB: JVNDB-2021-001002 // CNNVD: CNNVD-202101-236 // NVD: CVE-2020-16236

PROBLEMTYPE DATA

problemtype:CWE-125

Trust: 1.8

sources: JVNDB: JVNDB-2021-001002 // NVD: CVE-2020-16236

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202101-236

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202101-236

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2021-001002

PATCH
title:Programming Software Control FPWIN Prourl:https://industry.panasonic.eu/factory-automation/automation-devices-solutions/programmable-logic-controllers-plc/plc-software/programming-software-control-fpwin-pro
Trust: 0.8
title:Panasonic has issued an update to correct this vulnerability.url:https://us-cert.cisa.gov/ics/advisories/icsa-21-005-02
Trust: 0.7
title:Panasonic FPWIN Pro Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=138391
Trust: 0.6
sources:
            
            
            ZDI: ZDI-21-068 // 
            
            
            
            JVNDB: JVNDB-2021-001002 // 
            
            
            
            CNNVD: CNNVD-202101-236

EXTERNAL IDS
db:NVDid:CVE-2020-16236
Trust: 3.2
db:ICS CERTid:ICSA-21-005-02
Trust: 2.5
db:JVNid:JVNVU92365365
Trust: 0.8
db:JVNDBid:JVNDB-2021-001002
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-11579
Trust: 0.7
db:ZDIid:ZDI-21-068
Trust: 0.7
db:AUSCERTid:ESB-2021.0048
Trust: 0.6
db:CNNVDid:CNNVD-202101-236
Trust: 0.6
db:VULMONid:CVE-2020-16236
Trust: 0.1
sources:
            
            
            ZDI: ZDI-21-068 // 
            
            
            
            VULMON: CVE-2020-16236 // 
            
            
            
            JVNDB: JVNDB-2021-001002 // 
            
            
            
            CNNVD: CNNVD-202101-236 // 
            
            
            
            NVD: CVE-2020-16236

REFERENCES
url:https://us-cert.cisa.gov/ics/advisories/icsa-21-005-02
Trust: 3.2
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-16236
Trust: 0.8
url:http://jvn.jp/cert/jvnvu92365365
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2020-16236
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2021.0048/
Trust: 0.6
url:https://cwe.mitre.org/data/definitions/125.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/194260
Trust: 0.1
sources:
            
            
            ZDI: ZDI-21-068 // 
            
            
            
            VULMON: CVE-2020-16236 // 
            
            
            
            JVNDB: JVNDB-2021-001002 // 
            
            
            
            CNNVD: CNNVD-202101-236 // 
            
            
            
            NVD: CVE-2020-16236

CREDITS
Francis Provencher {PRL}
Trust: 0.7
sources:
            
            
            ZDI: ZDI-21-068

SOURCES
db:ZDIid:ZDI-21-068
db:VULMONid:CVE-2020-16236
db:JVNDBid:JVNDB-2021-001002
db:CNNVDid:CNNVD-202101-236
db:NVDid:CVE-2020-16236

LAST UPDATE DATE
2024-08-14T13:24:01.077000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-21-068date:2021-01-14T00:00:00
db:VULMONid:CVE-2020-16236date:2021-01-29T00:00:00
db:JVNDBid:JVNDB-2021-001002date:2021-01-07T07:38:38
db:CNNVDid:CNNVD-202101-236date:2021-02-01T00:00:00
db:NVDid:CVE-2020-16236date:2021-01-29T00:58:43.103

SOURCES RELEASE DATE
db:ZDIid:ZDI-21-068date:2021-01-14T00:00:00
db:VULMONid:CVE-2020-16236date:2021-01-26T00:00:00
db:JVNDBid:JVNDB-2021-001002date:2021-01-07T07:38:38
db:CNNVDid:CNNVD-202101-236date:2021-01-05T00:00:00
db:NVDid:CVE-2020-16236date:2021-01-26T18:15:39.787