Details of VAR-202303-1298

ID

VAR-202303-1298

CVE

CVE-2023-27982

TITLE

plural Schneider Electric Insufficient Validation of Data Trust in Products Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2023-005624

DESCRIPTION

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could cause manipulation of dashboard files in the IGSS project report directory, when an attacker sends specific crafted messages to the Data Server TCP port, this could lead to remote code execution when a victim eventually opens a malicious dashboard file. Affected Products: IGSS Data Server(IGSSdataServer.exe)(V16.0.0.23040 and prior), IGSS Dashboard(DashBoard.exe)(V16.0.0.23040 and prior), Custom Reports(RMS16.dll)(V16.0.0.23040 and prior). Schneider Electric of custom reports , IGSS Dashboard (DashBoard.exe) , igss data server Exists in an inadequate validation of data reliability vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability.The specific flaw exists within the IGSSdataServer process, which listens on TCP port 12401 by default. The issue results from the exposure of a dangerous function. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current user. Schneider Electric IGSS Data Server is a data server of an interactive graphic Scada system of French Schneider Electric (Schneider Electric). Schneider Electric IGSS Data Server has a data forgery vulnerability

Trust: 2.79

sources: NVD: CVE-2023-27982 // JVNDB: JVNDB-2023-005624 // ZDI: ZDI-23-337 // CNVD: CNVD-2023-29373

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2023-29373

AFFECTED PRODUCTS

vendor:	schneider electric	model:	igss dashboard	scope:	lte	version:	16.0.0.23040	Trust: 1.0
vendor:	schneider electric	model:	igss data server	scope:	lte	version:	16.0.0.23040	Trust: 1.0
vendor:	schneider electric	model:	custom reports	scope:	lte	version:	16.0.0.23040	Trust: 1.0
vendor:	schneider electric	model:	igss dashboard	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	custom reports	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	igss data server	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	igss	scope:	-	version:	-	Trust: 0.7
vendor:	schneider	model:	electric igss data server	scope:	lte	version:	<=v16.0.0.23040	Trust: 0.6
vendor:	schneider	model:	electric igss dashboard	scope:	lte	version:	<=v16.0.0.23040	Trust: 0.6
vendor:	schneider	model:	electric custom reports	scope:	lte	version:	<=v16.0.0.23040	Trust: 0.6

sources: ZDI: ZDI-23-337 // CNVD: CNVD-2023-29373 // JVNDB: JVNDB-2023-005624 // NVD: CVE-2023-27982

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2023-27982
value:	HIGH
Trust: 1.0
cybersecurity@se.com:	CVE-2023-27982
value:	HIGH
Trust: 1.0
NVD:	CVE-2023-27982
value:	HIGH
Trust: 0.8
ZDI:	CVE-2023-27982
value:	HIGH
Trust: 0.7
CNVD:	CNVD-2023-29373
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-202303-1555
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2023-29373
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2023-27982
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 2.0
NVD:	CVE-2023-27982
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
ZDI:	CVE-2023-27982
baseSeverity:	HIGH
baseScore:	8.1
vectorString:	AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.2
impactScore:	5.9
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-23-337 // CNVD: CNVD-2023-29373 // JVNDB: JVNDB-2023-005624 // CNNVD: CNNVD-202303-1555 // NVD: CVE-2023-27982 // NVD: CVE-2023-27982

PROBLEMTYPE DATA

problemtype:	CWE-345	Trust: 1.0
problemtype:	Inadequate verification of data reliability (CWE-345) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2023-005624 // NVD: CVE-2023-27982

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202303-1555

TYPE

data forgery

Trust: 0.6

sources: CNNVD: CNNVD-202303-1555

PATCH

title:	Schneider Electric has issued an update to correct this vulnerability.	url:	https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-073-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-073-04.pdf	Trust: 0.7
title:	Patch for Schneider Electric IGSS Data Server Data Forgery Vulnerability (CNVD-2023-29373)	url:	https://www.cnvd.org.cn/patchInfo/show/419136	Trust: 0.6
title:	Schneider Electric IGSS Data Server Repair measures for data forgery problem vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=230403	Trust: 0.6

sources: ZDI: ZDI-23-337 // CNVD: CNVD-2023-29373 // CNNVD: CNNVD-202303-1555

EXTERNAL IDS

db:	NVD	id:	CVE-2023-27982	Trust: 4.5
db:	SCHNEIDER	id:	SEVD-2023-073-04	Trust: 3.0
db:	ICS CERT	id:	ICSA-23-082-04	Trust: 0.8
db:	JVN	id:	JVNVU94559502	Trust: 0.8
db:	JVNDB	id:	JVNDB-2023-005624	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-19652	Trust: 0.7
db:	ZDI	id:	ZDI-23-337	Trust: 0.7
db:	CNVD	id:	CNVD-2023-29373	Trust: 0.6
db:	AUSCERT	id:	ESB-2023.1792	Trust: 0.6
db:	CNNVD	id:	CNNVD-202303-1555	Trust: 0.6

sources: ZDI: ZDI-23-337 // CNVD: CNVD-2023-29373 // JVNDB: JVNDB-2023-005624 // CNNVD: CNNVD-202303-1555 // NVD: CVE-2023-27982

REFERENCES

url:	https://download.schneider-electric.com/files?p_doc_ref=sevd-2023-073-04&p_endoctype=security+and+safety+notice&p_file_name=sevd-2023-073-04.pdf	Trust: 3.7
url:	https://jvn.jp/vu/jvnvu94559502/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2023-27982	Trust: 0.8
url:	https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-04	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2023-27982/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2023.1792	Trust: 0.6

sources: ZDI: ZDI-23-337 // CNVD: CNVD-2023-29373 // JVNDB: JVNDB-2023-005624 // CNNVD: CNNVD-202303-1555 // NVD: CVE-2023-27982

CREDITS

kimiya

Trust: 0.7

sources: ZDI: ZDI-23-337

SOURCES

db:	ZDI	id:	ZDI-23-337
db:	CNVD	id:	CNVD-2023-29373
db:	JVNDB	id:	JVNDB-2023-005624
db:	CNNVD	id:	CNNVD-202303-1555
db:	NVD	id:	CVE-2023-27982

LAST UPDATE DATE

2024-08-14T13:20:57.247000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-23-337	date:	2023-03-16T00:00:00
db:	CNVD	id:	CNVD-2023-29373	date:	2023-04-20T00:00:00
db:	JVNDB	id:	JVNDB-2023-005624	date:	2023-11-09T03:11:00
db:	CNNVD	id:	CNNVD-202303-1555	date:	2023-03-27T00:00:00
db:	NVD	id:	CVE-2023-27982	date:	2023-03-24T18:08:45.557

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-23-337	date:	2023-03-16T00:00:00
db:	CNVD	id:	CNVD-2023-29373	date:	2023-04-20T00:00:00
db:	JVNDB	id:	JVNDB-2023-005624	date:	2023-11-09T00:00:00
db:	CNNVD	id:	CNNVD-202303-1555	date:	2023-03-21T00:00:00
db:	NVD	id:	CVE-2023-27982	date:	2023-03-21T07:15:08.410