Sign-up

ID

VAR-202106-1987


CVE

CVE-2021-33008


TITLE

AVEVA  Made  AVEVA System Platform  Multiple vulnerabilities in

Trust: 0.8

sources: JVNDB: JVNDB-2021-001897

DESCRIPTION

AVEVA System Platform versions 2017 through 2020 R2 P01 does not perform any authentication for functionality that requires a provable user identity. AVEVA Provided by the company AVEVA System Platform contains multiple vulnerabilities: * Lack of authentication for critical features (CWE-306) - CVE-2021-33008 It was * Problems with not handling exceptions (CWE-248) - CVE-2021-33010 It was * Path traversal (CWE-22) - CVE-2021-32981 It was * Same-origin policy violation (CWE-346) - CVE-2021-32985 It was * Improper verification of digital signatures (CWE-347) - CVE-2021-32977The expected impact depends on each vulnerability, but it may be affected as follows. It was * A third party on an adjacent network may be able to execute arbitrary code with system privileges. - CVE-2021-33008 It was * Service operation obstruction by a remote third party (DoS) state - CVE-2021-33010 It was * The input value that specifies a file or directory under an access-restricted directory is not processed properly, allowing a remote third party to access a directory outside the access-restricted directory. - CVE-2021-32981 It was * Not properly validating that data or communication origin is valid - CVE-2021-32985 It was * Not verifying digital signatures on data, or verifying them incorrectly - CVE-2021-32977. AVEVA System Platform is an application software of British AVEVA company. A responsive, standards-driven and scalable foundation for regulatory, enterprise SCADA, MES and IIoT applications. The Aveva AVEVA System Platform access control error vulnerability stems from the ability of the affected software to perform no authentication, allowing a remote attacker to gain access to the target system on the local network. The following products and versions are affected: Aveva AVEVA System Platform: 2017 U3 SP1 P01, 2020 R2, 2020 R2 P01. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Trust: 2.7

sources: NVD: CVE-2021-33008 // JVNDB: JVNDB-2021-001897 // CNNVD: CNNVD-202106-1951 // CNNVD: CNNVD-202104-975

AFFECTED PRODUCTS

vendor:avevamodel:system platformscope:ltversion:2020

Trust: 1.0

vendor:avevamodel:system platformscope:eqversion:2020

Trust: 1.0

vendor:avevamodel:system platformscope:gteversion:2017

Trust: 1.0

vendor:avevamodel:system platformscope:eqversion:2017 to 2020 r2 p01 to

Trust: 0.8

vendor:avevamodel:system platformscope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-001897 // NVD: CVE-2021-33008

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-33008
value: CRITICAL

Trust: 1.0

ics-cert@hq.dhs.gov: CVE-2021-33008
value: HIGH

Trust: 1.0

NVD: CVE-2021-33008
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202106-1951
value: CRITICAL

Trust: 0.6

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2021-33008
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

nvd@nist.gov: CVE-2021-33008
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

ics-cert@hq.dhs.gov: CVE-2021-33008
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

IPA: JVNDB-2021-001897
baseSeverity: HIGH
baseScore: 8.0
vectorString: CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2021-001897 // CNNVD: CNNVD-202106-1951 // CNNVD: CNNVD-202104-975 // NVD: CVE-2021-33008 // NVD: CVE-2021-33008

PROBLEMTYPE DATA

problemtype:CWE-306

Trust: 1.0

problemtype:uncaught exception (CWE-248) [IPA evaluation ]

Trust: 0.8

problemtype: Lack of authentication for critical features (CWE-306) [IPA evaluation ]

Trust: 0.8

problemtype: Path traversal (CWE-22) [IPA evaluation ]

Trust: 0.8

problemtype: Same-origin policy violation (CWE-346) [IPA evaluation ]

Trust: 0.8

problemtype: Improper verification of digital signatures (CWE-347) [IPA evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-001897 // NVD: CVE-2021-33008

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202106-1951

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-202106-1951

PATCH

title:SECURITY BULLETIN AVEVA-2021-002url:https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2021-002.pdf

Trust: 0.8

title:Aveva AVEVA System Platform Fixes for access control error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=155624

Trust: 0.6

sources: JVNDB: JVNDB-2021-001897 // CNNVD: CNNVD-202106-1951

EXTERNAL IDS

db:NVDid:CVE-2021-33008

Trust: 3.2

db:ICS CERTid:ICSA-21-180-05

Trust: 2.4

db:JVNid:JVNVU90207343

Trust: 0.8

db:JVNDBid:JVNDB-2021-001897

Trust: 0.8

db:CS-HELPid:SB2021063022

Trust: 0.6

db:AUSCERTid:ESB-2021.2281.2

Trust: 0.6

db:CNNVDid:CNNVD-202106-1951

Trust: 0.6

db:CS-HELPid:SB2021041363

Trust: 0.6

db:CNNVDid:CNNVD-202104-975

Trust: 0.6

sources: JVNDB: JVNDB-2021-001897 // CNNVD: CNNVD-202106-1951 // CNNVD: CNNVD-202104-975 // NVD: CVE-2021-33008

REFERENCES

url:https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/securitybulletin_aveva-2021-002.pdf

Trust: 1.6

url:https://www.cisa.gov/uscert/ics/advisories/icsa-21-180-05

Trust: 1.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-33008

Trust: 1.4

url:https://us-cert.cisa.gov/ics/advisories/icsa-21-180-05

Trust: 1.4

url:http://jvn.jp/cert/jvnvu90207343

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2021-33010

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2021-32981

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2021-32985

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2021-32977

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2021.2281.2

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2021-33008/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021063022

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021041363

Trust: 0.6

sources: JVNDB: JVNDB-2021-001897 // CNNVD: CNNVD-202106-1951 // CNNVD: CNNVD-202104-975 // NVD: CVE-2021-33008

CREDITS

Sharon Brizinov of Claroty reported these vulnerabilities to AVEVA.

Trust: 0.6

sources: CNNVD: CNNVD-202106-1951

SOURCES

db:JVNDBid:JVNDB-2021-001897
db:CNNVDid:CNNVD-202106-1951
db:CNNVDid:CNNVD-202104-975
db:NVDid:CVE-2021-33008

LAST UPDATE DATE

2024-08-14T12:49:25.489000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2021-001897date:2024-06-20T04:33:00
db:CNNVDid:CNNVD-202106-1951date:2022-04-14T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-14T00:00:00
db:NVDid:CVE-2021-33008date:2022-04-13T13:40:46.100

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2021-001897date:2021-07-01T00:00:00
db:CNNVDid:CNNVD-202106-1951date:2021-06-29T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-13T00:00:00
db:NVDid:CVE-2021-33008date:2022-04-04T20:15:09.313