cnvd - cnvd-2020-29863

CNVD-2020-29863

Vulnerability from cnvd - Published: 2020-05-26

Title

B&R Automation Automation Studio存在未明漏洞

Description

B&R Automation Automation Studio是一款自动化控制系统。 B&R Automation Automation Studio存在安全漏洞，未经身份验证的攻击者可通过B＆R升级服务器利用该漏洞执行MITM攻击。

Severity

中

Patch Name

B&R Automation Automation Studio存在未明漏洞的补丁

Patch Description

B&R Automation Automation Studio是一款自动化控制系统。 B&R Automation Automation Studio存在安全漏洞，未经身份验证的攻击者可通过B＆R升级服务器利用该漏洞执行MITM攻击。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://www.br-automation.com/

Reference

https://www.us-cert.gov/ics/advisories/icsa-20-093-01

Impacted products

Name
['BandR Automation Automation Studio 4.0.', 'BandR Automation Automation Studio 4.1.', 'BandR Automation Automation Studio 4.2.*', 'BandR Automation Automation Studio <4.3.11SP', 'BandR Automation Automation Studio <4.4.9SP', 'BandR Automation Automation Studio <4.5.4SP', 'BandR Automation Automation Studio <4.6.3SP', 'BandR Automation Automation Studio <4.7.2', 'BandR Automation Automation Studio <4.8.1']

Name

['BandR Automation Automation Studio 4.0.*', 'BandR Automation Automation Studio 4.1.*', 'BandR Automation Automation Studio 4.2.*', 'BandR Automation Automation Studio <4.3.11SP', 'BandR Automation Automation Studio <4.4.9SP', 'BandR Automation Automation Studio <4.5.4SP', 'BandR Automation Automation Studio <4.6.3SP', 'BandR Automation Automation Studio <4.7.2', 'BandR Automation Automation Studio <4.8.1']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-19101"
    }
  },
  "description": "B\u0026R Automation Automation Studio\u662f\u4e00\u6b3e\u81ea\u52a8\u5316\u63a7\u5236\u7cfb\u7edf\u3002\n\nB\u0026R Automation Automation Studio\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u653b\u51fb\u8005\u53ef\u901a\u8fc7B\uff06R\u5347\u7ea7\u670d\u52a1\u5668\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884cMITM\u653b\u51fb\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.br-automation.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-29863",
  "openTime": "2020-05-26",
  "patchDescription": "B\u0026R Automation Automation Studio\u662f\u4e00\u6b3e\u81ea\u52a8\u5316\u63a7\u5236\u7cfb\u7edf\u3002\r\n\r\nB\u0026R Automation Automation Studio\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u653b\u51fb\u8005\u53ef\u901a\u8fc7B\uff06R\u5347\u7ea7\u670d\u52a1\u5668\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884cMITM\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "B\u0026R Automation Automation Studio\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "BandR Automation Automation Studio 4.0.*",
      "BandR Automation Automation Studio 4.1.*",
      "BandR Automation Automation Studio 4.2.*",
      "BandR Automation Automation Studio \u003c4.3.11SP",
      "BandR Automation Automation Studio \u003c4.4.9SP",
      "BandR Automation Automation Studio \u003c4.5.4SP",
      "BandR Automation Automation Studio \u003c4.6.3SP",
      "BandR Automation Automation Studio \u003c4.7.2",
      "BandR Automation Automation Studio \u003c4.8.1"
    ]
  },
  "referenceLink": "https://www.us-cert.gov/ics/advisories/icsa-20-093-01",
  "serverity": "\u4e2d",
  "submitTime": "2020-04-03",
  "title": "B\u0026R Automation Automation Studio\u5b58\u5728\u672a\u660e\u6f0f\u6d1e"
}

CVE-2019-19101 (GCVE-0-2019-19101)

Vulnerability from cvelistv5 – Published: 2020-04-29 02:07 – Updated: 2024-08-05 02:09

Summary

A missing secure communication definition and an incomplete TLS validation in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x, 4.2.x, < 4.3.11SP, < 4.4.9SP, < 4.5.5SP, < 4.6.4 and < 4.7.2 enable unauthenticated users to perform MITM attacks via the B&R upgrade server.

Severity ?

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

CWE

CWE-326 - Inadequate Encryption Strength

Assigner

ABB

References

URL

Tags

https://www.br-automation.com/en/downloads/032020…

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	B&R	Automation Studio	Affected: 4.0.x Affected: 4.1.x Affected: 4.2.x Affected: < 4.3.11SP Affected: < 4.4.9SP Affected: < 4.5.5SP Affected: < 4.6.3SP Affected: < 4.7.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:09:39.436Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.br-automation.com/en/downloads/032020-multiple-vulnerabilities-in-automation-studio/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Automation Studio",
          "vendor": "B\u0026R",
          "versions": [
            {
              "status": "affected",
              "version": "4.0.x"
            },
            {
              "status": "affected",
              "version": "4.1.x"
            },
            {
              "status": "affected",
              "version": "4.2.x"
            },
            {
              "status": "affected",
              "version": "\u003c 4.3.11SP"
            },
            {
              "status": "affected",
              "version": "\u003c 4.4.9SP"
            },
            {
              "status": "affected",
              "version": "\u003c 4.5.5SP"
            },
            {
              "status": "affected",
              "version": "\u003c 4.6.3SP"
            },
            {
              "status": "affected",
              "version": "\u003c 4.7.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A missing secure communication definition and an incomplete TLS validation in the upgrade service in B\u0026R Automation Studio versions 4.0.x, 4.1.x, 4.2.x, \u003c 4.3.11SP, \u003c 4.4.9SP, \u003c 4.5.5SP, \u003c 4.6.4 and \u003c 4.7.2 enable unauthenticated users to perform MITM attacks via the B\u0026R upgrade server."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-326",
              "description": "CWE-326 Inadequate Encryption Strength",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-04-29T02:07:31",
        "orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
        "shortName": "ABB"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.br-automation.com/en/downloads/032020-multiple-vulnerabilities-in-automation-studio/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Incomplete communication encryption and validation in B\u0026R Automation Studio upgrade service",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@ch.abb.com",
          "ID": "CVE-2019-19101",
          "STATE": "PUBLIC",
          "TITLE": "Incomplete communication encryption and validation in B\u0026R Automation Studio upgrade service"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Automation Studio",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "4.0.x"
                          },
                          {
                            "version_value": "4.1.x"
                          },
                          {
                            "version_value": "4.2.x"
                          },
                          {
                            "version_value": "\u003c 4.3.11SP"
                          },
                          {
                            "version_value": "\u003c 4.4.9SP"
                          },
                          {
                            "version_value": "\u003c 4.5.5SP"
                          },
                          {
                            "version_value": "\u003c 4.6.3SP"
                          },
                          {
                            "version_value": "\u003c 4.7.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "B\u0026R"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A missing secure communication definition and an incomplete TLS validation in the upgrade service in B\u0026R Automation Studio versions 4.0.x, 4.1.x, 4.2.x, \u003c 4.3.11SP, \u003c 4.4.9SP, \u003c 4.5.5SP, \u003c 4.6.4 and \u003c 4.7.2 enable unauthenticated users to perform MITM attacks via the B\u0026R upgrade server."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-326 Inadequate Encryption Strength"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.br-automation.com/en/downloads/032020-multiple-vulnerabilities-in-automation-studio/",
              "refsource": "CONFIRM",
              "url": "https://www.br-automation.com/en/downloads/032020-multiple-vulnerabilities-in-automation-studio/"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
    "assignerShortName": "ABB",
    "cveId": "CVE-2019-19101",
    "datePublished": "2020-04-29T02:07:32",
    "dateReserved": "2019-11-18T00:00:00",
    "dateUpdated": "2024-08-05T02:09:39.436Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2020-29863

CVE-2019-19101 (GCVE-0-2019-19101)

Tags

Sightings

Nomenclature