Details of VAR-202303-1372

ID

VAR-202303-1372

CVE

CVE-2023-27978

TITLE

plural Schneider Electric Product untrusted data deserialization vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2023-005626

DESCRIPTION

A CWE-502: Deserialization of Untrusted Data vulnerability exists in the Dashboard module that could cause an interpretation of malicious payload data, potentially leading to remote code execution when an attacker gets the user to open a malicious file. Affected Products: IGSS Data Server(IGSSdataServer.exe)(V16.0.0.23040 and prior), IGSS Dashboard(DashBoard.exe)(V16.0.0.23040 and prior), Custom Reports(RMS16.dll)(V16.0.0.23040 and prior). Schneider Electric of custom reports , IGSS Dashboard (DashBoard.exe) , igss data server There is a vulnerability in deserialization of untrusted data.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the DashFiles class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Schneider Electric IGSS Data Server is a data server of an interactive graphic Scada system of French Schneider Electric (Schneider Electric)

Trust: 2.79

sources: NVD: CVE-2023-27978 // JVNDB: JVNDB-2023-005626 // ZDI: ZDI-23-334 // CNVD: CNVD-2023-29372

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2023-29372

AFFECTED PRODUCTS

vendor:	schneider electric	model:	igss dashboard	scope:	lte	version:	16.0.0.23040	Trust: 1.0
vendor:	schneider electric	model:	igss data server	scope:	lte	version:	16.0.0.23040	Trust: 1.0
vendor:	schneider electric	model:	custom reports	scope:	lte	version:	16.0.0.23040	Trust: 1.0
vendor:	schneider electric	model:	igss dashboard	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	custom reports	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	igss data server	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	igss	scope:	-	version:	-	Trust: 0.7
vendor:	schneider	model:	electric igss data server	scope:	lte	version:	<=v16.0.0.23040	Trust: 0.6
vendor:	schneider	model:	electric igss dashboard	scope:	lte	version:	<=v16.0.0.23040	Trust: 0.6
vendor:	schneider	model:	electric custom reports	scope:	lte	version:	<=v16.0.0.23040	Trust: 0.6

sources: ZDI: ZDI-23-334 // CNVD: CNVD-2023-29372 // JVNDB: JVNDB-2023-005626 // NVD: CVE-2023-27978

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2023-27978
value:	HIGH
Trust: 1.0
cybersecurity@se.com:	CVE-2023-27978
value:	HIGH
Trust: 1.0
NVD:	CVE-2023-27978
value:	HIGH
Trust: 0.8
ZDI:	CVE-2023-27978
value:	HIGH
Trust: 0.7
CNVD:	CNVD-2023-29372
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-202303-1553
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2023-29372
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2023-27978
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 2.0
NVD:	CVE-2023-27978
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
ZDI:	CVE-2023-27978
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-23-334 // CNVD: CNVD-2023-29372 // JVNDB: JVNDB-2023-005626 // CNNVD: CNNVD-202303-1553 // NVD: CVE-2023-27978 // NVD: CVE-2023-27978

PROBLEMTYPE DATA

problemtype:	CWE-502	Trust: 1.0
problemtype:	Deserialization of untrusted data (CWE-502) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2023-005626 // NVD: CVE-2023-27978

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202303-1553

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-202303-1553

PATCH

title:	Schneider Electric has issued an update to correct this vulnerability.	url:	https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-073-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-073-04.pdf	Trust: 0.7
title:	Patch for Schneider Electric IGSS Data Server Code Issue Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/419141	Trust: 0.6
title:	Schneider Electric IGSS Data Server Fixes for code issue vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=230401	Trust: 0.6

sources: ZDI: ZDI-23-334 // CNVD: CNVD-2023-29372 // CNNVD: CNNVD-202303-1553

EXTERNAL IDS

db:	NVD	id:	CVE-2023-27978	Trust: 4.5
db:	SCHNEIDER	id:	SEVD-2023-073-04	Trust: 3.0
db:	ICS CERT	id:	ICSA-23-082-04	Trust: 0.8
db:	JVN	id:	JVNVU94559502	Trust: 0.8
db:	JVNDB	id:	JVNDB-2023-005626	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-19239	Trust: 0.7
db:	ZDI	id:	ZDI-23-334	Trust: 0.7
db:	CNVD	id:	CNVD-2023-29372	Trust: 0.6
db:	AUSCERT	id:	ESB-2023.1792	Trust: 0.6
db:	CNNVD	id:	CNNVD-202303-1553	Trust: 0.6

sources: ZDI: ZDI-23-334 // CNVD: CNVD-2023-29372 // JVNDB: JVNDB-2023-005626 // CNNVD: CNNVD-202303-1553 // NVD: CVE-2023-27978

REFERENCES

url:	https://download.schneider-electric.com/files?p_doc_ref=sevd-2023-073-04&p_endoctype=security+and+safety+notice&p_file_name=sevd-2023-073-04.pdf	Trust: 3.7
url:	https://jvn.jp/vu/jvnvu94559502/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2023-27978	Trust: 0.8
url:	https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-04	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2023-27978/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2023.1792	Trust: 0.6

sources: ZDI: ZDI-23-334 // CNVD: CNVD-2023-29372 // JVNDB: JVNDB-2023-005626 // CNNVD: CNNVD-202303-1553 // NVD: CVE-2023-27978

CREDITS

kimiya

Trust: 0.7

sources: ZDI: ZDI-23-334

SOURCES

db:	ZDI	id:	ZDI-23-334
db:	CNVD	id:	CNVD-2023-29372
db:	JVNDB	id:	JVNDB-2023-005626
db:	CNNVD	id:	CNNVD-202303-1553
db:	NVD	id:	CVE-2023-27978

LAST UPDATE DATE

2024-08-14T13:20:57.146000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-23-334	date:	2023-03-16T00:00:00
db:	CNVD	id:	CNVD-2023-29372	date:	2023-04-20T00:00:00
db:	JVNDB	id:	JVNDB-2023-005626	date:	2023-11-09T03:11:00
db:	CNNVD	id:	CNNVD-202303-1553	date:	2023-03-27T00:00:00
db:	NVD	id:	CVE-2023-27978	date:	2023-03-24T17:20:49.547

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-23-334	date:	2023-03-16T00:00:00
db:	CNVD	id:	CNVD-2023-29372	date:	2023-04-20T00:00:00
db:	JVNDB	id:	JVNDB-2023-005626	date:	2023-11-09T00:00:00
db:	CNNVD	id:	CNNVD-202303-1553	date:	2023-03-21T00:00:00
db:	NVD	id:	CVE-2023-27978	date:	2023-03-21T09:15:11.470