Details of VAR-202107-1665

ID

VAR-202107-1665

CVE

CVE-2021-32977

TITLE

AVEVA Made AVEVA System Platform Multiple vulnerabilities in

Trust: 0.8

sources: JVNDB: JVNDB-2021-001897

DESCRIPTION

AVEVA System Platform versions 2017 through 2020 R2 P01 does not verify, or incorrectly verifies, the cryptographic signature for data. AVEVA Provided by the company AVEVA System Platform contains multiple vulnerabilities: * Lack of authentication for critical features (CWE-306) - CVE-2021-33008 It was * Problems with not handling exceptions (CWE-248) - CVE-2021-33010 It was * Path traversal (CWE-22) - CVE-2021-32981 It was * Same-origin policy violation (CWE-346) - CVE-2021-32985 It was * Improper verification of digital signatures (CWE-347) - CVE-2021-32977The expected impact depends on each vulnerability, but it may be affected as follows. It was * A third party on an adjacent network may be able to execute arbitrary code with system privileges. - CVE-2021-33008 It was * Service operation obstruction by a remote third party (DoS) state - CVE-2021-33010 It was * The input value that specifies a file or directory under an access-restricted directory is not processed properly, allowing a remote third party to access a directory outside the access-restricted directory. - CVE-2021-32981 It was * Not properly validating that data or communication origin is valid - CVE-2021-32985 It was * Not verifying digital signatures on data, or verifying them incorrectly - CVE-2021-32977. AVEVA System Platform is an application software of British AVEVA company. A responsive, standards-driven and scalable foundation for regulatory, enterprise SCADA, MES and IIoT applications. No detailed vulnerability details are currently provided

Trust: 2.7

sources: NVD: CVE-2021-32977 // JVNDB: JVNDB-2021-001897 // CNVD: CNVD-2021-102838 // CNNVD: CNNVD-202107-2079

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-102838

AFFECTED PRODUCTS

vendor:	aveva	model:	system platform	scope:	lt	version:	2020	Trust: 1.0
vendor:	aveva	model:	system platform	scope:	eq	version:	2020	Trust: 1.0
vendor:	aveva	model:	system platform	scope:	gte	version:	2017	Trust: 1.0
vendor:	aveva	model:	system platform	scope:	eq	version:	2017 to 2020 r2 p01 to	Trust: 0.8
vendor:	aveva	model:	system platform	scope:	eq	version:	-	Trust: 0.8
vendor:	aveva	model:	system platform r2 p01	scope:	gte	version:	2017,<=2020	Trust: 0.6

sources: CNVD: CNVD-2021-102838 // JVNDB: JVNDB-2021-001897 // NVD: CVE-2021-32977

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-32977
value:	HIGH
Trust: 1.0
ics-cert@hq.dhs.gov:	CVE-2021-32977
value:	HIGH
Trust: 1.0
IPA:	JVNDB-2021-001897
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2021-102838
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-202107-2079
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2021-32977
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
CNVD:	CNVD-2021-102838
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2021-32977
baseSeverity:	HIGH
baseScore:	7.2
vectorString:	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.2
impactScore:	5.9
version:	3.1
Trust: 2.0
IPA:	JVNDB-2021-001897
baseSeverity:	HIGH
baseScore:	7.2
vectorString:	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2021-102838 // JVNDB: JVNDB-2021-001897 // CNNVD: CNNVD-202107-2079 // NVD: CVE-2021-32977 // NVD: CVE-2021-32977

PROBLEMTYPE DATA

problemtype:	CWE-347	Trust: 1.0
problemtype:	uncaught exception (CWE-248) [IPA evaluation ]	Trust: 0.8
problemtype:	Lack of authentication for critical features (CWE-306) [IPA evaluation ]	Trust: 0.8
problemtype:	Path traversal (CWE-22) [IPA evaluation ]	Trust: 0.8
problemtype:	Same-origin policy violation (CWE-346) [IPA evaluation ]	Trust: 0.8
problemtype:	Improper verification of digital signatures (CWE-347) [IPA evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2021-001897 // NVD: CVE-2021-32977

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202107-2079

TYPE

data forgery

Trust: 0.6

sources: CNNVD: CNNVD-202107-2079

PATCH

title:	SECURITY BULLETIN AVEVA-2021-002	url:	https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2021-002.pdf	Trust: 0.8
title:	Patch for AVEVA System Platform Incorrect Validation Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/310981	Trust: 0.6
title:	AVEVA System Platform Repair measures for data forgery problem vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=157924	Trust: 0.6

sources: CNVD: CNVD-2021-102838 // JVNDB: JVNDB-2021-001897 // CNNVD: CNNVD-202107-2079

EXTERNAL IDS

db:	NVD	id:	CVE-2021-32977	Trust: 3.8
db:	ICS CERT	id:	ICSA-21-180-05	Trust: 3.0
db:	JVN	id:	JVNVU90207343	Trust: 0.8
db:	JVNDB	id:	JVNDB-2021-001897	Trust: 0.8
db:	CNVD	id:	CNVD-2021-102838	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2281.2	Trust: 0.6
db:	CNNVD	id:	CNNVD-202107-2079	Trust: 0.6

sources: CNVD: CNVD-2021-102838 // JVNDB: JVNDB-2021-001897 // CNNVD: CNNVD-202107-2079 // NVD: CVE-2021-32977

REFERENCES

url:	https://www.cisa.gov/uscert/ics/advisories/icsa-21-180-05	Trust: 2.2
url:	https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/securitybulletin_aveva-2021-002.pdf	Trust: 1.6
url:	https://nvd.nist.gov/vuln/detail/cve-2021-32977	Trust: 1.4
url:	https://us-cert.cisa.gov/ics/advisories/icsa-21-180-05	Trust: 1.4
url:	http://jvn.jp/cert/jvnvu90207343	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2021-33008	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2021-33010	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2021-32981	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2021-32985	Trust: 0.8
url:	https://www.auscert.org.au/bulletins/esb-2021.2281.2	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2021-32977/	Trust: 0.6

sources: CNVD: CNVD-2021-102838 // JVNDB: JVNDB-2021-001897 // CNNVD: CNNVD-202107-2079 // NVD: CVE-2021-32977

CREDITS

Sharon Brizinov of Claroty reported these vulnerabilities to AVEVA.

Trust: 0.6

sources: CNNVD: CNNVD-202107-2079

SOURCES

db:	CNVD	id:	CNVD-2021-102838
db:	JVNDB	id:	JVNDB-2021-001897
db:	CNNVD	id:	CNNVD-202107-2079
db:	NVD	id:	CVE-2021-32977

LAST UPDATE DATE

2024-08-14T12:51:19.712000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2021-102838	date:	2022-01-18T00:00:00
db:	JVNDB	id:	JVNDB-2021-001897	date:	2024-06-20T04:33:00
db:	CNNVD	id:	CNNVD-202107-2079	date:	2022-04-14T00:00:00
db:	NVD	id:	CVE-2021-32977	date:	2022-04-13T12:46:00.330

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2021-102838	date:	2021-12-28T00:00:00
db:	JVNDB	id:	JVNDB-2021-001897	date:	2021-07-01T00:00:00
db:	CNNVD	id:	CNNVD-202107-2079	date:	2021-07-27T00:00:00
db:	NVD	id:	CVE-2021-32977	date:	2022-04-04T20:15:08.817