cvelistv5 - cve-2017-5176

CVE-2017-5176 (GCVE-0-2017-5176)

Vulnerability from cvelistv5 – Published: 2017-05-19 02:43 – Updated: 2024-08-05 14:55

Summary

Severity ?

No CVSS data available.

CWE

CWE-427

Assigner

icscert

References

URL

Tags

	http://www.securityfocus.com/bid/97000	vdb-entryx_refsource_BID
	https://ics-cert.us-cert.gov/advisories/ICSA-17-047-01	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Rockwell Automation Connected Components Workbench	Affected: Rockwell Automation Connected Components Workbench

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:55:35.738Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "97000",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/97000"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-047-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Rockwell Automation Connected Components Workbench",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Rockwell Automation Connected Components Workbench"
            }
          ]
        }
      ],
      "datePublic": "2017-05-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A DLL Hijack issue was discovered in Rockwell Automation Connected Components Workbench (CCW). The following versions are affected: Connected Components Workbench - Developer Edition, v9.01.00 and earlier: 9328-CCWDEVENE, 9328-CCWDEVZHE, 9328-CCWDEVFRE, 9328-CCWDEVITE, 9328-CCWDEVDEE, 9328-CCWDEVESE, and 9328-CCWDEVPTE; and Connected Components Workbench - Free Standard Edition (All Supported Languages), v9.01.00 and earlier. Certain DLLs included with versions of CCW software can be potentially hijacked to allow an attacker to gain rights to a victim\u0027s affected personal computer. Such access rights can be at the same or potentially higher level of privileges as the compromised user account, including and up to computer administrator privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-427",
              "description": "CWE-427",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-05-19T09:57:02",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "name": "97000",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/97000"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-047-01"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2017-5176",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Rockwell Automation Connected Components Workbench",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Rockwell Automation Connected Components Workbench"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A DLL Hijack issue was discovered in Rockwell Automation Connected Components Workbench (CCW). The following versions are affected: Connected Components Workbench - Developer Edition, v9.01.00 and earlier: 9328-CCWDEVENE, 9328-CCWDEVZHE, 9328-CCWDEVFRE, 9328-CCWDEVITE, 9328-CCWDEVDEE, 9328-CCWDEVESE, and 9328-CCWDEVPTE; and Connected Components Workbench - Free Standard Edition (All Supported Languages), v9.01.00 and earlier. Certain DLLs included with versions of CCW software can be potentially hijacked to allow an attacker to gain rights to a victim\u0027s affected personal computer. Such access rights can be at the same or potentially higher level of privileges as the compromised user account, including and up to computer administrator privileges."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-427"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "97000",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/97000"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-047-01",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-047-01"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2017-5176",
    "datePublished": "2017-05-19T02:43:00",
    "dateReserved": "2017-01-03T00:00:00",
    "dateUpdated": "2024-08-05T14:55:35.738Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:rockwellautomation:connected_components_workbench:*:*:*:*:developer:*:*:*\", \"versionEndIncluding\": \"9.01.00\", \"matchCriteriaId\": \"D30E0FF5-DFC8-4A9E-AC5E-A989607E2419\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:rockwellautomation:9328-ccwdevdee:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"669BA851-4DD0-498B-8775-4C9529CAF06C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:rockwellautomation:9328-ccwdevene:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"589025A2-B3B1-4FFC-A6F2-9D6E3A976E3E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:rockwellautomation:9328-ccwdevese:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49295F0C-B90A-46BF-AC22-723743237A3D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:rockwellautomation:9328-ccwdevfre:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5B41A881-8DAA-43E3-934E-4500C8815666\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:rockwellautomation:9328-ccwdevite:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3D2366F9-803F-433A-8712-1E328D03FFAF\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:rockwellautomation:9328-ccwdevpte:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"68B1539D-19C2-4048-8904-C0B6D60E34D6\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:rockwellautomation:9328-ccwdevzhe:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C5654863-5B85-4EE3-96A2-8624407BD9FC\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:rockwellautomation:connected_components_workbench:*:*:*:*:free_standard:*:*:*\", \"versionEndIncluding\": \"9.01.00\", \"matchCriteriaId\": \"5AE5B4DF-E10A-42DB-B9F3-E9D292281235\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A DLL Hijack issue was discovered in Rockwell Automation Connected Components Workbench (CCW). The following versions are affected: Connected Components Workbench - Developer Edition, v9.01.00 and earlier: 9328-CCWDEVENE, 9328-CCWDEVZHE, 9328-CCWDEVFRE, 9328-CCWDEVITE, 9328-CCWDEVDEE, 9328-CCWDEVESE, and 9328-CCWDEVPTE; and Connected Components Workbench - Free Standard Edition (All Supported Languages), v9.01.00 and earlier. Certain DLLs included with versions of CCW software can be potentially hijacked to allow an attacker to gain rights to a victim\u0027s affected personal computer. Such access rights can be at the same or potentially higher level of privileges as the compromised user account, including and up to computer administrator privileges.\"}, {\"lang\": \"es\", \"value\": \"Se detect\\u00f3 un problema de secuestro de DLL en Connected Components Workbench (CCW) de Rockwell Automation. Est\\u00e1n afectadas las siguientes versiones: Connected Components Workbench - Developer Edition, versi\\u00f3n v9.01.00 y anteriores a: 9328-CCWDEVENE, 9328-CCWDEVZHE, 9328-CCWDEVFRE, 9328-CCWDEVITE, 9328-CCWDEVDEE, 9328-CC y Connected Components Workbench - Edici\\u00f3n Est\\u00e1ndar Gratuita (todos los idiomas compatibles), versi\\u00f3n v9.01.00 y anteriores. Ciertos bibliotecas DLL incluidas con las versiones de software de CCW pueden ser secuestradas para permitir a un atacante alcanzar derechos sobre la computadora personal afectada de la v\\u00edctima. Dichos derechos de acceso pueden estar en el mismo nivel de privilegios o potencialmente en un nivel m\\u00e1s alto al de la cuenta de usuario comprometida, incluyendo los privilegios de administrador de computadora.\"}]",
      "id": "CVE-2017-5176",
      "lastModified": "2024-11-21T03:27:12.343",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 7.0, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.0, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:H/Au:N/C:C/I:C/A:C\", \"baseScore\": 6.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"HIGH\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 1.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2017-05-19T03:29:00.293",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/97000\", \"source\": \"ics-cert@hq.dhs.gov\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://ics-cert.us-cert.gov/advisories/ICSA-17-047-01\", \"source\": \"ics-cert@hq.dhs.gov\", \"tags\": [\"Patch\", \"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.securityfocus.com/bid/97000\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://ics-cert.us-cert.gov/advisories/ICSA-17-047-01\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\", \"US Government Resource\"]}]",
      "sourceIdentifier": "ics-cert@hq.dhs.gov",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"ics-cert@hq.dhs.gov\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-427\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-427\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-5176\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2017-05-19T03:29:00.293\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A DLL Hijack issue was discovered in Rockwell Automation Connected Components Workbench (CCW). The following versions are affected: Connected Components Workbench - Developer Edition, v9.01.00 and earlier: 9328-CCWDEVENE, 9328-CCWDEVZHE, 9328-CCWDEVFRE, 9328-CCWDEVITE, 9328-CCWDEVDEE, 9328-CCWDEVESE, and 9328-CCWDEVPTE; and Connected Components Workbench - Free Standard Edition (All Supported Languages), v9.01.00 and earlier. Certain DLLs included with versions of CCW software can be potentially hijacked to allow an attacker to gain rights to a victim\u0027s affected personal computer. Such access rights can be at the same or potentially higher level of privileges as the compromised user account, including and up to computer administrator privileges.\"},{\"lang\":\"es\",\"value\":\"Se detect\u00f3 un problema de secuestro de DLL en Connected Components Workbench (CCW) de Rockwell Automation. Est\u00e1n afectadas las siguientes versiones: Connected Components Workbench - Developer Edition, versi\u00f3n v9.01.00 y anteriores a: 9328-CCWDEVENE, 9328-CCWDEVZHE, 9328-CCWDEVFRE, 9328-CCWDEVITE, 9328-CCWDEVDEE, 9328-CC y Connected Components Workbench - Edici\u00f3n Est\u00e1ndar Gratuita (todos los idiomas compatibles), versi\u00f3n v9.01.00 y anteriores. Ciertos bibliotecas DLL incluidas con las versiones de software de CCW pueden ser secuestradas para permitir a un atacante alcanzar derechos sobre la computadora personal afectada de la v\u00edctima. Dichos derechos de acceso pueden estar en el mismo nivel de privilegios o potencialmente en un nivel m\u00e1s alto al de la cuenta de usuario comprometida, incluyendo los privilegios de administrador de computadora.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:H/Au:N/C:C/I:C/A:C\",\"baseScore\":6.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":1.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-427\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-427\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:rockwellautomation:connected_components_workbench:*:*:*:*:developer:*:*:*\",\"versionEndIncluding\":\"9.01.00\",\"matchCriteriaId\":\"D30E0FF5-DFC8-4A9E-AC5E-A989607E2419\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:rockwellautomation:9328-ccwdevdee:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"669BA851-4DD0-498B-8775-4C9529CAF06C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:rockwellautomation:9328-ccwdevene:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"589025A2-B3B1-4FFC-A6F2-9D6E3A976E3E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:rockwellautomation:9328-ccwdevese:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49295F0C-B90A-46BF-AC22-723743237A3D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:rockwellautomation:9328-ccwdevfre:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B41A881-8DAA-43E3-934E-4500C8815666\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:rockwellautomation:9328-ccwdevite:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D2366F9-803F-433A-8712-1E328D03FFAF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:rockwellautomation:9328-ccwdevpte:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68B1539D-19C2-4048-8904-C0B6D60E34D6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:rockwellautomation:9328-ccwdevzhe:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5654863-5B85-4EE3-96A2-8624407BD9FC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:rockwellautomation:connected_components_workbench:*:*:*:*:free_standard:*:*:*\",\"versionEndIncluding\":\"9.01.00\",\"matchCriteriaId\":\"5AE5B4DF-E10A-42DB-B9F3-E9D292281235\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/97000\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-17-047-01\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/bid/97000\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-17-047-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"US Government Resource\"]}]}}"
  }
}

FKIE_CVE-2017-5176

Vulnerability from fkie_nvd - Published: 2017-05-19 03:29 - Updated: 2025-04-20 01:37

Severity ?

7.0 (High) - CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
ics-cert@hq.dhs.gov	http://www.securityfocus.com/bid/97000	Third Party Advisory, VDB Entry
ics-cert@hq.dhs.gov	https://ics-cert.us-cert.gov/advisories/ICSA-17-047-01	Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/97000	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://ics-cert.us-cert.gov/advisories/ICSA-17-047-01	Patch, Third Party Advisory, US Government Resource

Impacted products

Vendor	Product	Version
rockwellautomation	connected_components_workbench	*
rockwellautomation	9328-ccwdevdee	-
rockwellautomation	9328-ccwdevene	-
rockwellautomation	9328-ccwdevese	-
rockwellautomation	9328-ccwdevfre	-
rockwellautomation	9328-ccwdevite	-
rockwellautomation	9328-ccwdevpte	-
rockwellautomation	9328-ccwdevzhe	-
rockwellautomation	connected_components_workbench	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:rockwellautomation:connected_components_workbench:*:*:*:*:developer:*:*:*",
              "matchCriteriaId": "D30E0FF5-DFC8-4A9E-AC5E-A989607E2419",
              "versionEndIncluding": "9.01.00",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:rockwellautomation:9328-ccwdevdee:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "669BA851-4DD0-498B-8775-4C9529CAF06C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:rockwellautomation:9328-ccwdevene:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "589025A2-B3B1-4FFC-A6F2-9D6E3A976E3E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:rockwellautomation:9328-ccwdevese:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49295F0C-B90A-46BF-AC22-723743237A3D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:rockwellautomation:9328-ccwdevfre:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B41A881-8DAA-43E3-934E-4500C8815666",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:rockwellautomation:9328-ccwdevite:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D2366F9-803F-433A-8712-1E328D03FFAF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:rockwellautomation:9328-ccwdevpte:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68B1539D-19C2-4048-8904-C0B6D60E34D6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:rockwellautomation:9328-ccwdevzhe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5654863-5B85-4EE3-96A2-8624407BD9FC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:rockwellautomation:connected_components_workbench:*:*:*:*:free_standard:*:*:*",
              "matchCriteriaId": "5AE5B4DF-E10A-42DB-B9F3-E9D292281235",
              "versionEndIncluding": "9.01.00",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A DLL Hijack issue was discovered in Rockwell Automation Connected Components Workbench (CCW). The following versions are affected: Connected Components Workbench - Developer Edition, v9.01.00 and earlier: 9328-CCWDEVENE, 9328-CCWDEVZHE, 9328-CCWDEVFRE, 9328-CCWDEVITE, 9328-CCWDEVDEE, 9328-CCWDEVESE, and 9328-CCWDEVPTE; and Connected Components Workbench - Free Standard Edition (All Supported Languages), v9.01.00 and earlier. Certain DLLs included with versions of CCW software can be potentially hijacked to allow an attacker to gain rights to a victim\u0027s affected personal computer. Such access rights can be at the same or potentially higher level of privileges as the compromised user account, including and up to computer administrator privileges."
    },
    {
      "lang": "es",
      "value": "Se detect\u00f3 un problema de secuestro de DLL en Connected Components Workbench (CCW) de Rockwell Automation. Est\u00e1n afectadas las siguientes versiones: Connected Components Workbench - Developer Edition, versi\u00f3n v9.01.00 y anteriores a: 9328-CCWDEVENE, 9328-CCWDEVZHE, 9328-CCWDEVFRE, 9328-CCWDEVITE, 9328-CCWDEVDEE, 9328-CC y Connected Components Workbench - Edici\u00f3n Est\u00e1ndar Gratuita (todos los idiomas compatibles), versi\u00f3n v9.01.00 y anteriores. Ciertos bibliotecas DLL incluidas con las versiones de software de CCW pueden ser secuestradas para permitir a un atacante alcanzar derechos sobre la computadora personal afectada de la v\u00edctima. Dichos derechos de acceso pueden estar en el mismo nivel de privilegios o potencialmente en un nivel m\u00e1s alto al de la cuenta de usuario comprometida, incluyendo los privilegios de administrador de computadora."
    }
  ],
  "id": "CVE-2017-5176",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 1.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.0,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.0,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-05-19T03:29:00.293",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/97000"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-047-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/97000"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-047-01"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-427"
        }
      ],
      "source": "ics-cert@hq.dhs.gov",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-427"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-201705-3257

Vulnerability from variot - Updated: 2023-12-18 14:05

A DLL Hijack issue was discovered in Rockwell Automation Connected Components Workbench (CCW). The following versions are affected: Connected Components Workbench - Developer Edition, v9.01.00 and earlier: 9328-CCWDEVENE, 9328-CCWDEVZHE, 9328-CCWDEVFRE, 9328-CCWDEVITE, 9328-CCWDEVDEE, 9328-CCWDEVESE, and 9328-CCWDEVPTE; and Connected Components Workbench - Free Standard Edition (All Supported Languages), v9.01.00 and earlier. Certain DLLs included with versions of CCW software can be potentially hijacked to allow an attacker to gain rights to a victim's affected personal computer. Such access rights can be at the same or potentially higher level of privileges as the compromised user account, including and up to computer administrator privileges. Rockwell Automation Connected Components Workbench Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Rockwell Automation Connected Components Workbench is an HMI editor and component-level industrial product for designing and configuring applications and implementing microcontrollers. A local attacker could exploit this vulnerability to execute arbitrary code in the context of a user running in an affected program. The software can be used for controller programming and device configuration, and is integrated with an HMI editor to further simplify stand-alone device programming

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201705-3257",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "connected components workbench",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "rockwellautomation",
        "version": "9.01.00"
      },
      {
        "model": "connected components workbench software",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "rockwell automation",
        "version": "developer edition 9.01.00"
      },
      {
        "model": "connected components workbench software",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "rockwell automation",
        "version": "free standard edition (all supported languages) 9.01.00"
      },
      {
        "model": "automation connected components workbench",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "rockwell",
        "version": "\u003c=v9.01.00"
      },
      {
        "model": "connected components workbench",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "rockwellautomation",
        "version": "9.01.00"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "connected components workbench",
        "version": "*"
      },
      {
        "model": "automation connected components workbench free standard edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "rockwell",
        "version": "??9.1"
      },
      {
        "model": "automation connected components workbench developer edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "rockwell",
        "version": "??9.1"
      },
      {
        "model": "automation connected components workbench free standard edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "rockwell",
        "version": "??10.01"
      },
      {
        "model": "automation connected components workbench free standard edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "rockwell",
        "version": "??10.00"
      },
      {
        "model": "automation connected components workbench developer edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "rockwell",
        "version": "??10.01"
      },
      {
        "model": "automation connected components workbench developer edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "rockwell",
        "version": "??10.00"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "efb00b70-253b-4c60-8992-9defd0413fb8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-04296"
      },
      {
        "db": "BID",
        "id": "97000"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004364"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5176"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-965"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:rockwellautomation:connected_components_workbench:*:*:*:*:developer:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "9.01.00",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:rockwellautomation:9328-ccwdevzhe:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:rockwellautomation:9328-ccwdevfre:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:rockwellautomation:9328-ccwdevite:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:rockwellautomation:9328-ccwdevdee:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:rockwellautomation:9328-ccwdevene:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:rockwellautomation:9328-ccwdevese:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:rockwellautomation:9328-ccwdevpte:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:rockwellautomation:connected_components_workbench:*:*:*:*:free_standard:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "9.01.00",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-5176"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ivan Sanchez",
    "sources": [
      {
        "db": "BID",
        "id": "97000"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2017-5176",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 1.9,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "High",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 6.2,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2017-5176",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 1.9,
            "id": "CNVD-2017-04296",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 1.9,
            "id": "efb00b70-253b-4c60-8992-9defd0413fb8",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 1.9,
            "id": "VHN-113379",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:H/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.0,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "High",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.0,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2017-5176",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2017-5176",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-04296",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201703-965",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "efb00b70-253b-4c60-8992-9defd0413fb8",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-113379",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "efb00b70-253b-4c60-8992-9defd0413fb8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-04296"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113379"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004364"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5176"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-965"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A DLL Hijack issue was discovered in Rockwell Automation Connected Components Workbench (CCW). The following versions are affected: Connected Components Workbench - Developer Edition, v9.01.00 and earlier: 9328-CCWDEVENE, 9328-CCWDEVZHE, 9328-CCWDEVFRE, 9328-CCWDEVITE, 9328-CCWDEVDEE, 9328-CCWDEVESE, and 9328-CCWDEVPTE; and Connected Components Workbench - Free Standard Edition (All Supported Languages), v9.01.00 and earlier. Certain DLLs included with versions of CCW software can be potentially hijacked to allow an attacker to gain rights to a victim\u0027s affected personal computer. Such access rights can be at the same or potentially higher level of privileges as the compromised user account, including and up to computer administrator privileges. Rockwell Automation Connected Components Workbench Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Rockwell Automation Connected Components Workbench is an HMI editor and component-level industrial product for designing and configuring applications and implementing microcontrollers. A local attacker could exploit this vulnerability to execute arbitrary code in the context of a user running in an affected program. The software can be used for controller programming and device configuration, and is integrated with an HMI editor to further simplify stand-alone device programming",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-5176"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004364"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-04296"
      },
      {
        "db": "BID",
        "id": "97000"
      },
      {
        "db": "IVD",
        "id": "efb00b70-253b-4c60-8992-9defd0413fb8"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113379"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-5176",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-17-047-01",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "97000",
        "trust": 2.0
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-965",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-04296",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004364",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "EFB00B70-253B-4C60-8992-9DEFD0413FB8",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-113379",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "efb00b70-253b-4c60-8992-9defd0413fb8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-04296"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113379"
      },
      {
        "db": "BID",
        "id": "97000"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004364"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5176"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-965"
      }
    ]
  },
  "id": "VAR-201705-3257",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "efb00b70-253b-4c60-8992-9defd0413fb8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-04296"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113379"
      }
    ],
    "trust": 1.22692307
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "efb00b70-253b-4c60-8992-9defd0413fb8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-04296"
      }
    ]
  },
  "last_update_date": "2023-12-18T14:05:46.954000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Connected Components Workbench Software",
        "trust": 0.8,
        "url": "http://www.rockwellautomation.com/global/support/connected-components/workbench.page"
      },
      {
        "title": "Rockwell Automation Connected Components Workbench DLL loads patches for native code execution vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/91709"
      },
      {
        "title": "Rockwell Automation Connected Components Workbench Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=68694"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-04296"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004364"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-965"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-427",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-264",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113379"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004364"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5176"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.4,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-047-01"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/97000"
      },
      {
        "trust": 1.4,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5176"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5176"
      },
      {
        "trust": 0.3,
        "url": "http://www.rockwellautomation.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-04296"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113379"
      },
      {
        "db": "BID",
        "id": "97000"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004364"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5176"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-965"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "efb00b70-253b-4c60-8992-9defd0413fb8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-04296"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113379"
      },
      {
        "db": "BID",
        "id": "97000"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004364"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5176"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-965"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-04-12T00:00:00",
        "db": "IVD",
        "id": "efb00b70-253b-4c60-8992-9defd0413fb8"
      },
      {
        "date": "2017-04-12T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-04296"
      },
      {
        "date": "2017-05-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-113379"
      },
      {
        "date": "2017-03-22T00:00:00",
        "db": "BID",
        "id": "97000"
      },
      {
        "date": "2017-06-23T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-004364"
      },
      {
        "date": "2017-05-19T03:29:00.293000",
        "db": "NVD",
        "id": "CVE-2017-5176"
      },
      {
        "date": "2017-03-22T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201703-965"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-04-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-04296"
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-113379"
      },
      {
        "date": "2017-03-23T00:01:00",
        "db": "BID",
        "id": "97000"
      },
      {
        "date": "2017-06-23T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-004364"
      },
      {
        "date": "2019-10-09T23:28:12.997000",
        "db": "NVD",
        "id": "CVE-2017-5176"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201703-965"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "97000"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-965"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Rockwell Automation Connected Components Workbench DLL Load Local Code Execution Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "efb00b70-253b-4c60-8992-9defd0413fb8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-04296"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Code problem",
    "sources": [
      {
        "db": "IVD",
        "id": "efb00b70-253b-4c60-8992-9defd0413fb8"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-965"
      }
    ],
    "trust": 0.8
  }
}

GHSA-CJWF-2PH9-3JPR

Vulnerability from github – Published: 2022-05-13 01:36 – Updated: 2022-05-13 01:36

Details

Severity ?

7.0 (High)


                  
                    CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-5176"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-427"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-05-19T03:29:00Z",
    "severity": "HIGH"
  },
  "details": "A DLL Hijack issue was discovered in Rockwell Automation Connected Components Workbench (CCW). The following versions are affected: Connected Components Workbench - Developer Edition, v9.01.00 and earlier: 9328-CCWDEVENE, 9328-CCWDEVZHE, 9328-CCWDEVFRE, 9328-CCWDEVITE, 9328-CCWDEVDEE, 9328-CCWDEVESE, and 9328-CCWDEVPTE; and Connected Components Workbench - Free Standard Edition (All Supported Languages), v9.01.00 and earlier. Certain DLLs included with versions of CCW software can be potentially hijacked to allow an attacker to gain rights to a victim\u0027s affected personal computer. Such access rights can be at the same or potentially higher level of privileges as the compromised user account, including and up to computer administrator privileges.",
  "id": "GHSA-cjwf-2ph9-3jpr",
  "modified": "2022-05-13T01:36:40Z",
  "published": "2022-05-13T01:36:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5176"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-047-01"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/97000"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2017-5176

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2017-5176

Aliases

CVE-2017-5176

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-5176",
    "description": "A DLL Hijack issue was discovered in Rockwell Automation Connected Components Workbench (CCW). The following versions are affected: Connected Components Workbench - Developer Edition, v9.01.00 and earlier: 9328-CCWDEVENE, 9328-CCWDEVZHE, 9328-CCWDEVFRE, 9328-CCWDEVITE, 9328-CCWDEVDEE, 9328-CCWDEVESE, and 9328-CCWDEVPTE; and Connected Components Workbench - Free Standard Edition (All Supported Languages), v9.01.00 and earlier. Certain DLLs included with versions of CCW software can be potentially hijacked to allow an attacker to gain rights to a victim\u0027s affected personal computer. Such access rights can be at the same or potentially higher level of privileges as the compromised user account, including and up to computer administrator privileges.",
    "id": "GSD-2017-5176"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-5176"
      ],
      "details": "A DLL Hijack issue was discovered in Rockwell Automation Connected Components Workbench (CCW). The following versions are affected: Connected Components Workbench - Developer Edition, v9.01.00 and earlier: 9328-CCWDEVENE, 9328-CCWDEVZHE, 9328-CCWDEVFRE, 9328-CCWDEVITE, 9328-CCWDEVDEE, 9328-CCWDEVESE, and 9328-CCWDEVPTE; and Connected Components Workbench - Free Standard Edition (All Supported Languages), v9.01.00 and earlier. Certain DLLs included with versions of CCW software can be potentially hijacked to allow an attacker to gain rights to a victim\u0027s affected personal computer. Such access rights can be at the same or potentially higher level of privileges as the compromised user account, including and up to computer administrator privileges.",
      "id": "GSD-2017-5176",
      "modified": "2023-12-13T01:21:13.541727Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "ics-cert@hq.dhs.gov",
        "ID": "CVE-2017-5176",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Rockwell Automation Connected Components Workbench",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Rockwell Automation Connected Components Workbench"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A DLL Hijack issue was discovered in Rockwell Automation Connected Components Workbench (CCW). The following versions are affected: Connected Components Workbench - Developer Edition, v9.01.00 and earlier: 9328-CCWDEVENE, 9328-CCWDEVZHE, 9328-CCWDEVFRE, 9328-CCWDEVITE, 9328-CCWDEVDEE, 9328-CCWDEVESE, and 9328-CCWDEVPTE; and Connected Components Workbench - Free Standard Edition (All Supported Languages), v9.01.00 and earlier. Certain DLLs included with versions of CCW software can be potentially hijacked to allow an attacker to gain rights to a victim\u0027s affected personal computer. Such access rights can be at the same or potentially higher level of privileges as the compromised user account, including and up to computer administrator privileges."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-427"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "97000",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/97000"
          },
          {
            "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-047-01",
            "refsource": "MISC",
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-047-01"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:rockwellautomation:connected_components_workbench:*:*:*:*:developer:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "9.01.00",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:rockwellautomation:9328-ccwdevzhe:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:rockwellautomation:9328-ccwdevfre:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:rockwellautomation:9328-ccwdevite:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:rockwellautomation:9328-ccwdevdee:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:rockwellautomation:9328-ccwdevene:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:rockwellautomation:9328-ccwdevese:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:rockwellautomation:9328-ccwdevpte:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:rockwellautomation:connected_components_workbench:*:*:*:*:free_standard:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "9.01.00",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2017-5176"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A DLL Hijack issue was discovered in Rockwell Automation Connected Components Workbench (CCW). The following versions are affected: Connected Components Workbench - Developer Edition, v9.01.00 and earlier: 9328-CCWDEVENE, 9328-CCWDEVZHE, 9328-CCWDEVFRE, 9328-CCWDEVITE, 9328-CCWDEVDEE, 9328-CCWDEVESE, and 9328-CCWDEVPTE; and Connected Components Workbench - Free Standard Edition (All Supported Languages), v9.01.00 and earlier. Certain DLLs included with versions of CCW software can be potentially hijacked to allow an attacker to gain rights to a victim\u0027s affected personal computer. Such access rights can be at the same or potentially higher level of privileges as the compromised user account, including and up to computer administrator privileges."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-427"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-047-01",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-047-01"
            },
            {
              "name": "97000",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/97000"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.2,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 1.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 1.0,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2019-10-09T23:28Z",
      "publishedDate": "2017-05-19T03:29Z"
    }
  }
}

CNVD-2017-04296

Vulnerability from cnvd - Published: 2017-04-12

Title

Rockwell Automation Connected Components Workbench DLL加载本地代码执行漏洞

Description

Rockwell Automation Connected Components Workbench是一款用于设计和配置应用程序和进行微控制器变成的HMI编辑器和组件级工业产品。 Rockwell Automation Connected Components Workbench存在本地任意代码执行漏洞，该漏洞源于程序未能验证用户提供的输入。本地攻击者可利用此漏洞在受影响程序中运行的用户的上下文中执行任意代码。

Severity

中

Patch Name

Rockwell Automation Connected Components Workbench DLL加载本地代码执行漏洞的补丁

Patch Description

Formal description

用户可联系供应商获得补丁信息： https://www.rockwellautomation.com/

Reference

https://ics-cert.us-cert.gov/advisories/ICSA-17-047-01 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5176

Impacted products

Name
Rockwell Automation Connected Components Workbench <=v9.01.00

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-5176",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5176"
    }
  },
  "description": "Rockwell Automation Connected Components Workbench\u662f\u4e00\u6b3e\u7528\u4e8e\u8bbe\u8ba1\u548c\u914d\u7f6e\u5e94\u7528\u7a0b\u5e8f\u548c\u8fdb\u884c\u5fae\u63a7\u5236\u5668\u53d8\u6210\u7684HMI\u7f16\u8f91\u5668\u548c\u7ec4\u4ef6\u7ea7\u5de5\u4e1a\u4ea7\u54c1\u3002\r\n\r\nRockwell Automation Connected Components Workbench\u5b58\u5728\u672c\u5730\u4efb\u610f\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u9a8c\u8bc1\u7528\u6237\u63d0\u4f9b\u7684\u8f93\u5165\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u5728\u53d7\u5f71\u54cd\u7a0b\u5e8f\u4e2d\u8fd0\u884c\u7684\u7528\u6237\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "discovererName": "Ivan Sanchez",
  "formalWay": "\u7528\u6237\u53ef\u8054\u7cfb\u4f9b\u5e94\u5546\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://www.rockwellautomation.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-04296",
  "openTime": "2017-04-12",
  "patchDescription": "Rockwell Automation Connected Components Workbench\u662f\u4e00\u6b3e\u7528\u4e8e\u8bbe\u8ba1\u548c\u914d\u7f6e\u5e94\u7528\u7a0b\u5e8f\u548c\u8fdb\u884c\u5fae\u63a7\u5236\u5668\u53d8\u6210\u7684HMI\u7f16\u8f91\u5668\u548c\u7ec4\u4ef6\u7ea7\u5de5\u4e1a\u4ea7\u54c1\u3002\r\n\r\nRockwell Automation Connected Components Workbench\u5b58\u5728\u672c\u5730\u4efb\u610f\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u9a8c\u8bc1\u7528\u6237\u63d0\u4f9b\u7684\u8f93\u5165\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u5728\u53d7\u5f71\u54cd\u7a0b\u5e8f\u4e2d\u8fd0\u884c\u7684\u7528\u6237\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Rockwell Automation Connected Components Workbench DLL\u52a0\u8f7d\u672c\u5730\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Rockwell Automation Connected Components Workbench \u003c=v9.01.00"
  },
  "referenceLink": "https://ics-cert.us-cert.gov/advisories/ICSA-17-047-01\r\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5176",
  "serverity": "\u4e2d",
  "submitTime": "2017-03-23",
  "title": "Rockwell Automation Connected Components Workbench DLL\u52a0\u8f7d\u672c\u5730\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

ICSA-17-047-01

Vulnerability from csaf_cisa - Published: 2017-02-16 00:00 - Updated: 2017-03-21 00:00

Summary

Rockwell Automation Connected Components Workbench

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

Vendor: Rockwell Automation

Critical infrastructure sectors

Commercial Facilities, Defense Industrial Base, Energy, and Government Facilities

Countries/areas deployed

Globally

Company headquarters location

Milwaukee, Wisconsin

Recommended Practices

ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:

Recommended Practices

ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available in the ICS -CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.

Recommended Practices

Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.

Exploitability

No known public exploits specifically target this vulnerability. Not remotely exploitable. High skill level is needed to exploit.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Ivan Sanchez"
        ],
        "summary": "reporting this vulnerability"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Vendor: Rockwell Automation",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Commercial Facilities, Defense Industrial Base, Energy, and Government Facilities",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Globally",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Milwaukee, Wisconsin",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available in the ICS -CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target this vulnerability. Not remotely exploitable. High skill level is needed to exploit.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-047-01 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2017/icsa-17-047-01.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-047-01 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-047-01"
      }
    ],
    "title": "Rockwell Automation Connected Components Workbench",
    "tracking": {
      "current_release_date": "2017-03-21T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-17-047-01",
      "initial_release_date": "2017-02-16T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2017-02-16T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-17-047-01P Rockwell Automation Connected Components Workbench"
        },
        {
          "date": "2017-03-21T00:00:00.000000Z",
          "legacy_version": "A",
          "number": "2",
          "summary": "ICSA-17-047-01 Rockwell Automation Connected Components Workbench (Update A)"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c= 9.01.00",
                "product": {
                  "name": "Connected Components Workbench - Developer Edition 9328-CCWDEVDEE: v9.01.00 and earlier",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "Connected Components Workbench - Developer Edition 9328-CCWDEVDEE"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c= 9.01.00",
                "product": {
                  "name": "Connected Components Workbench - Developer Edition 9328-CCWDEVITE: v9.01.00 and earlier",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "Connected Components Workbench - Developer Edition 9328-CCWDEVITE"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c= 9.01.00",
                "product": {
                  "name": "Connected Components Workbench - Developer Edition 9328-CCWDEVESE: v9.01.00 and earlier",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "Connected Components Workbench - Developer Edition 9328-CCWDEVESE"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c= 9.01.00",
                "product": {
                  "name": "Connected Components Workbench - Developer Edition 9328-CCWDEVZHE: v9.01.00 and earlier",
                  "product_id": "CSAFPID-0004"
                }
              }
            ],
            "category": "product_name",
            "name": "Connected Components Workbench - Developer Edition 9328-CCWDEVZHE"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c= 9.01.00",
                "product": {
                  "name": "Connected Components Workbench - Free Standard Edition (All Supported Languages): v9.01.00 and earlier",
                  "product_id": "CSAFPID-0005"
                }
              }
            ],
            "category": "product_name",
            "name": "Connected Components Workbench - Free Standard Edition (All Supported Languages)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c= 9.01.00",
                "product": {
                  "name": "Connected Components Workbench - Developer Edition 9328-CCWDEVFRE: v9.01.00 and earlier",
                  "product_id": "CSAFPID-0006"
                }
              }
            ],
            "category": "product_name",
            "name": "Connected Components Workbench - Developer Edition 9328-CCWDEVFRE"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c= 9.01.00",
                "product": {
                  "name": "Connected Components Workbench - Developer Edition 9328-CCWDEVENE: v9.01.00 and earlier",
                  "product_id": "CSAFPID-0007"
                }
              }
            ],
            "category": "product_name",
            "name": "Connected Components Workbench - Developer Edition 9328-CCWDEVENE"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c= 9.01.00",
                "product": {
                  "name": "Connected Components Workbench - Developer Edition 9328-CCWDEVPTE: v9.01.00 and earlier",
                  "product_id": "CSAFPID-0008"
                }
              }
            ],
            "category": "product_name",
            "name": "Connected Components Workbench - Developer Edition 9328-CCWDEVPTE"
          }
        ],
        "category": "vendor",
        "name": "Rockwell Automation"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5176",
      "cwe": {
        "id": "CWE-427",
        "name": "Uncontrolled Search Path Element"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Certain DLLs included with versions of CCW software can be potentially hijacked to allow an attacker to gain rights to a victim \u0027s affected personal computer. Such access rights can be at the same or potentially higher level of privileges as the compromised user account, including and up to computer administrator privileges.CVE-2017-5176 has been assigned to this vulnerability. A CVSS v3 base score of 7.0 has been assigned; the CVSS vector string is (AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0007",
          "CSAFPID-0008"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5176"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Rockwell Automation has released a new version of Connected Components Workbench, Version 10.00 and Version 10.01 (All supported languages) which addresses the identified vulnerability.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008"
          ]
        },
        {
          "category": "mitigation",
          "details": "Rockwell Automation recommends updating to the latest version of Connected Components Workbench, Version 10.00 or later",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008"
          ],
          "url": "http://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx?crumb=112\u0026refSoft=1\u0026toggleState=\u0026versions=55834,55972"
        },
        {
          "category": "mitigation",
          "details": "For more information on this vulnerability and more detailed mitigation instructions, please see Rockwell Automation advisory labeled Connected Components Workbench Software Dynamic Link Library (DLL) Hijack Version 1.0, February 16, 2017",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008"
          ],
          "url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1030688"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008"
          ]
        }
      ]
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-5176 (GCVE-0-2017-5176)

FKIE_CVE-2017-5176

VAR-201705-3257

GHSA-CJWF-2PH9-3JPR

GSD-2017-5176

CNVD-2017-04296

ICSA-17-047-01

Tags

Sightings

Nomenclature