ID

VAR-202309-0672


CVE

CVE-2023-3935


TITLE

Out-of-bounds write vulnerability in products from multiple vendors, such as Wibu-Systems AG's CodeMeter Runtime

Trust: 0.8

sources: JVNDB: JVNDB-2023-012536

DESCRIPTION

A heap buffer overflow vulnerability in the Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote attacker to achieve RCE and gain full access to the host system. Products from multiple vendors, such as Wibu-Systems AG's CodeMeter Runtime, contain an out-of-bounds write vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). PSS(R)CAPE is a transmission and distribution network protection simulation software. PSS(R)E is a power system simulation and analysis tool for transmission operation and planning. PSS(R)ODMS is a CIM-based network model management tool with network analysis capabilities for planning and operational planning of transmission utilities. SIMATIC PCS neo is a distributed control system (DCS). SIMATIC WinCC Open Architecture (OA) is part of the SIMATIC HMI family. It is designed for applications requiring a high degree of customer-specific adaptability, large or complex applications, and projects that impose specific system requirements or functionality. SIMIT Simulation Platform allows simulating factory settings to predict failures at an early planning stage. SINEC INS (Infrastructure Network Services) is a web-based application that combines various network services in one tool. SINEMA Remote Connect is a management platform for remote networks that allows simple management of tunnel connections (VPN) between headquarters, service technicians and installed machines or plants. The WIBU system CodeMeter component of Siemens industrial products has a heap buffer overflow vulnerability, which is caused by a failure to perform correct boundary checks. An attacker could exploit this vulnerability to cause a buffer overflow and execute arbitrary code on the system.

Trust: 2.25

sources: NVD: CVE-2023-3935 // JVNDB: JVNDB-2023-012536 // CNVD: CNVD-2023-69811 // VULMON: CVE-2023-3935

IOT TAXONOMY

category: ['ICS'] sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2023-69811

AFFECTED PRODUCTS

vendor: trumpf model: oseon scope: lte version: 3.0.22

Trust: 1.0

vendor: trumpf model: tubedesign scope: lte version: 14.06.150

Trust: 1.0

vendor: trumpf model: programmingtube scope: lte version: 4.6.3

Trust: 1.0

vendor: trumpf model: trutopsfab scope: gte version: 15.00.23.00

Trust: 1.0

vendor: trumpf model: teczonebend scope: lte version: 23.06.01

Trust: 1.0

vendor: trumpf model: trutopsweld scope: lte version: 9.0.28148.1

Trust: 1.0

vendor: trumpf model: trutops cell sw48 scope: lte version: 02.26.0

Trust: 1.0

vendor: trumpf model: trutopsprint scope: lte version: 01.00

Trust: 1.0

vendor: trumpf model: trutops scope: gte version: 08.00

Trust: 1.0

vendor: phoenixcontact model: e-mobility charging suite scope: lte version: 1.7.0

Trust: 1.0

vendor: phoenixcontact model: module type package designer scope: lt version: 1.2.0

Trust: 1.0

vendor: trumpf model: trutopsfab scope: lte version: 22.8.25

Trust: 1.0

vendor: trumpf model: trutopsfab storage smallstore scope: gte version: 14.06.20

Trust: 1.0

vendor: phoenixcontact model: activation wizard scope: lte version: 1.6

Trust: 1.0

vendor: trumpf model: trutops scope: lte version: 12.01.00.00

Trust: 1.0

vendor: trumpf model: tubedesign scope: gte version: 08.00

Trust: 1.0

vendor: phoenixcontact model: iol-conf scope: lte version: 1.7.0

Trust: 1.0

vendor: trumpf model: trutopsboost scope: gte version: 06.00.23.00

Trust: 1.0

vendor: trumpf model: topscalculation scope: lte version: 22.00.00

Trust: 1.0

vendor: trumpf model: trutopsprint scope: gte version: 00.06.00

Trust: 1.0

vendor: trumpf model: trutops cell classic scope: lte version: 09.09.02

Trust: 1.0

vendor: trumpf model: programmingtube scope: gte version: 1.0.1

Trust: 1.0

vendor: trumpf model: trutopsboost scope: lte version: 16.0.22

Trust: 1.0

vendor: phoenixcontact model: fl network manager scope: lte version: 7.0

Trust: 1.0

vendor: trumpf model: teczonebend scope: gte version: 18.02.r8

Trust: 1.0

vendor: trumpf model: trutops mark 3d scope: lte version: 06.01

Trust: 1.0

vendor: wibu model: codemeter runtime scope: lt version: 7.60c

Trust: 1.0

vendor: trumpf model: trutopsprintmultilaserassistant scope: gte version: 01.02

Trust: 1.0

vendor: trumpf model: trumpflicenseexpert scope: gte version: 1.5.2

Trust: 1.0

vendor: trumpf model: trutops mark 3d scope: gte version: 01.00

Trust: 1.0

vendor: phoenixcontact model: module type package designer scope: eq version: 1.2.0

Trust: 1.0

vendor: phoenixcontact model: plcnext engineer scope: lte version: 2023.6

Trust: 1.0

vendor: trumpf model: trumpflicenseexpert scope: lte version: 1.11.1

Trust: 1.0

vendor: trumpf model: trutopsweld scope: gte version: 7.0.198.241

Trust: 1.0

vendor: trumpf model: trutops cell sw48 scope: gte version: 01.00

Trust: 1.0

vendor: trumpf model: tops unfold scope: eq version: 05.03.00.00

Trust: 1.0

vendor: trumpf model: oseon scope: gte version: 1.0.0

Trust: 1.0

vendor: trumpf model: topscalculation scope: gte version: 14.00

Trust: 1.0

vendor: trumpf model: trutopsfab storage smallstore scope: lte version: 20.04.20.00

Trust: 1.0

vendor: trumpf model: trutopsweld scope: - version: -

Trust: 0.8

vendor: trumpf model: programmingtube scope: - version: -

Trust: 0.8

vendor: wibu model: codemeter runtime scope: - version: -

Trust: 0.8

vendor: trumpf model: trutopsboost scope: - version: -

Trust: 0.8

vendor: trumpf model: trutopsprintmultilaserassistant scope: - version: -

Trust: 0.8

vendor: trumpf model: trutopsprint scope: - version: -

Trust: 0.8

vendor: trumpf model: oseon scope: - version: -

Trust: 0.8

vendor: trumpf model: trutops cell sw48 scope: - version: -

Trust: 0.8

vendor: trumpf model: trutopsfab scope: - version: -

Trust: 0.8

vendor: trumpf model: tops unfold scope: - version: -

Trust: 0.8

vendor: trumpf model: trutops mark 3d scope: - version: -

Trust: 0.8

vendor: trumpf model: trutopsfab storage smallstore scope: - version: -

Trust: 0.8

vendor: trumpf model: tubedesign scope: - version: -

Trust: 0.8

vendor: trumpf model: trutops scope: - version: -

Trust: 0.8

vendor: trumpf model: trumpflicenseexpert scope: - version: -

Trust: 0.8

vendor: trumpf model: topscalculation scope: - version: -

Trust: 0.8

vendor: trumpf model: teczonebend scope: - version: -

Trust: 0.8

vendor: trumpf model: trutops cell classic scope: - version: -

Trust: 0.8

vendor: siemens model: sinec ins scope: - version: -

Trust: 0.6

vendor: siemens model: simit simulation platform scope: - version: -

Trust: 0.6

vendor: siemens model: sinema remote connect scope: - version: -

Trust: 0.6

vendor: siemens model: simatic wincc oa scope: eq version: v3.17

Trust: 0.6

vendor: siemens model: simatic wincc oa scope: eq version: v3.18

Trust: 0.6

vendor: siemens model: pss cape scope: eq version: v14<v14.2023-08-23

Trust: 0.6

vendor: siemens model: pss cape scope: eq version: v15<v15.0.22

Trust: 0.6

vendor: siemens model: pss e scope: eq version: v34<v34.9.6

Trust: 0.6

vendor: siemens model: pss odms scope: eq version: v13.0

Trust: 0.6

vendor: siemens model: pss odms scope: eq version: v13.1<v13.1.12.1

Trust: 0.6

vendor: siemens model: simatic pcs neo scope: eq version: v3

Trust: 0.6

vendor: siemens model: simatic pcs neo scope: eq version: v4

Trust: 0.6

vendor: siemens model: simatic wincc oa p006 scope: eq version: v3.19<v3.19

Trust: 0.6

vendor: siemens model: pss e scope: eq version: v35

Trust: 0.6

sources: CNVD: CNVD-2023-69811 // JVNDB: JVNDB-2023-012536 // NVD: CVE-2023-3935

CVSS

SEVERITY

CVSSV2

CVSSV3

info@cert.vde.com: CVE-2023-3935
value: CRITICAL

Trust: 1.0

nvd@nist.gov: CVE-2023-3935
value: CRITICAL

Trust: 1.0

OTHER: JVNDB-2023-012536
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2023-69811
value: HIGH

Trust: 0.6

CNVD: CNVD-2023-69811
severity: HIGH
baseScore: 7.6
vectorString: AV:N/AC:H/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

info@cert.vde.com: CVE-2023-3935
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 2.0

OTHER: JVNDB-2023-012536
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2023-69811 // JVNDB: JVNDB-2023-012536 // NVD: CVE-2023-3935 // NVD: CVE-2023-3935

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.0

problemtype:Out-of-bounds writing (CWE-787) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2023-012536 // NVD: CVE-2023-3935

PATCH

title: Patch for Siemens Industrial product WIBU system CodeMeter heap buffer overflow vulnerability url: https://www.cnvd.org.cn/patchInfo/show/460931

Trust: 0.6

sources: CNVD: CNVD-2023-69811

EXTERNAL IDS

db: NVD id: CVE-2023-3935

Trust: 3.3

db: CERT@VDE id: VDE-2023-031

Trust: 1.9

db: CERT@VDE id: VDE-2023-030

Trust: 1.8

db: JVN id: JVNVU92598492

Trust: 0.8

db: JVN id: JVNVU92008538

Trust: 0.8

db: JVN id: JVNVU98137233

Trust: 0.8

db: ICS CERT id: ICSA-24-004-01

Trust: 0.8

db: ICS CERT id: ICSA-23-320-03

Trust: 0.8

db: ICS CERT id: ICSA-23-257-06

Trust: 0.8

db: JVNDB id: JVNDB-2023-012536

Trust: 0.8

db: SIEMENS id: SSA-240541

Trust: 0.6

db: CNVD id: CNVD-2023-69811

Trust: 0.6

db: VULMON id: CVE-2023-3935

Trust: 0.1

sources: CNVD: CNVD-2023-69811 // VULMON: CVE-2023-3935 // JVNDB: JVNDB-2023-012536 // NVD: CVE-2023-3935

REFERENCES

url:https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/advisorywibu-230704-01-v3.0.pdf

Trust: 1.9

url:https://cert.vde.com/en/advisories/vde-2023-031/

Trust: 1.9

url:https://cert.vde.com/en/advisories/vde-2023-030/

Trust: 1.8

url:https://jvn.jp/vu/jvnvu98137233/

Trust: 0.8

url:https://jvn.jp/vu/jvnvu92598492/

Trust: 0.8

url:https://jvn.jp/vu/jvnvu92008538/index.html

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2023-3935

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-23-257-06

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-03

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-24-004-01

Trust: 0.8

url:https://cert-portal.siemens.com/productcert/html/ssa-240541.html

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/787.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: CNVD: CNVD-2023-69811 // VULMON: CVE-2023-3935 // JVNDB: JVNDB-2023-012536 // NVD: CVE-2023-3935

SOURCES

db: CNVD id: CNVD-2023-69811
db: VULMON id: CVE-2023-3935
db: JVNDB id: JVNDB-2023-012536
db: NVD id: CVE-2023-3935

LAST UPDATE DATE

2024-08-14T12:13:07.282000+00:00


SOURCES UPDATE DATE

db: CNVD id: CNVD-2023-69811 date: 2023-09-15T00:00:00
db: VULMON id: CVE-2023-3935 date: 2023-09-13T00:00:00
db: JVNDB id: JVNDB-2023-012536 date: 2024-01-09T02:47:00
db: NVD id: CVE-2023-3935 date: 2024-01-25T20:24:58.783

SOURCES RELEASE DATE

db: CNVD id: CNVD-2023-69811 date: 2023-09-14T00:00:00
db: VULMON id: CVE-2023-3935 date: 2023-09-13T00:00:00
db: JVNDB id: JVNDB-2023-012536 date: 2023-12-18T00:00:00
db: NVD id: CVE-2023-3935 date: 2023-09-13T14:15:09.147