CVE-2018-7836 (GCVE-0-2018-7836)
Vulnerability from cvelistv5 – Published: 2018-12-24 16:00 – Updated: 2024-08-05 06:37
- Unrestricted Upload of File with Dangerous Type
| Vendor | Product | Version |
|---|---|---|
| Schneider Electric SE | IIoT Monitor 3.1.38 | Affected: IIoT Monitor 3.1.38 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:37:59.577Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106484",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106484"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "IIoT Monitor 3.1.38",
"vendor": "Schneider Electric SE",
"versions": [
{
"status": "affected",
"version": "IIoT Monitor 3.1.38"
}
]
}
],
"datePublic": "2018-12-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An unrestricted Upload of File with Dangerous Type vulnerability exists on numerous methods of the IIoT Monitor 3.1.38 software that could allow upload and execution of malicious files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-10T10:57:01.000Z",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"name": "106484",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106484"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2018-7836",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "IIoT Monitor 3.1.38",
"version": {
"version_data": [
{
"version_value": "IIoT Monitor 3.1.38"
}
]
}
}
]
},
"vendor_name": "Schneider Electric SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An unrestricted Upload of File with Dangerous Type vulnerability exists on numerous methods of the IIoT Monitor 3.1.38 software that could allow upload and execution of malicious files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unrestricted Upload of File with Dangerous Type"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106484",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106484"
},
{
"name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/",
"refsource": "CONFIRM",
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2018-7836",
"datePublished": "2018-12-24T16:00:00.000Z",
"dateReserved": "2018-03-08T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:37:59.577Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2018-7836",
"date": "2026-04-25",
"epss": "0.02316",
"percentile": "0.84842"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:schneider-electric:iiot_monitor:3.1.38:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9E622E71-AE37-4561-84CB-E5D2B4AE2674\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"An unrestricted Upload of File with Dangerous Type vulnerability exists on numerous methods of the IIoT Monitor 3.1.38 software that could allow upload and execution of malicious files.\"}, {\"lang\": \"es\", \"value\": \"Existe una vulnerabilidad de subida sin restricci\\u00f3n de archivos con tipos peligrosos en numerosos m\\u00e9todos del software de IIoT Monitor 3.1.38 que podr\\u00eda permitir la subida y ejecuci\\u00f3n de archivos maliciosos.\"}]",
"id": "CVE-2018-7836",
"lastModified": "2024-11-21T04:12:51.023",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2018-12-24T16:29:00.937",
"references": "[{\"url\": \"http://www.securityfocus.com/bid/106484\", \"source\": \"cybersecurity@se.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/\", \"source\": \"cybersecurity@se.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/106484\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "cybersecurity@se.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-434\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2018-7836\",\"sourceIdentifier\":\"cybersecurity@se.com\",\"published\":\"2018-12-24T16:29:00.937\",\"lastModified\":\"2024-11-21T04:12:51.023\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An unrestricted Upload of File with Dangerous Type vulnerability exists on numerous methods of the IIoT Monitor 3.1.38 software that could allow upload and execution of malicious files.\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad de subida sin restricci\u00f3n de archivos con tipos peligrosos en numerosos m\u00e9todos del software de IIoT Monitor 3.1.38 que podr\u00eda permitir la subida y ejecuci\u00f3n de archivos maliciosos.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-434\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\
"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:schneider-electric:iiot_monitor:3.1.38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E622E71-AE37-4561-84CB-E5D2B4AE2674\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/106484\",\"source\":\"cybersecurity@se.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/\",\"source\":\"cybersecurity@se.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/106484\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
FKIE_CVE-2018-7836
Vulnerability from fkie_nvd - Published: 2018-12-24 16:29 - Updated: 2024-11-21 04:12

| Vendor | Product | Version |
|---|---|---|
| schneider-electric | iiot_monitor | 3.1.38 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:schneider-electric:iiot_monitor:3.1.38:*:*:*:*:*:*:*",
"matchCriteriaId": "9E622E71-AE37-4561-84CB-E5D2B4AE2674",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unrestricted Upload of File with Dangerous Type vulnerability exists on numerous methods of the IIoT Monitor 3.1.38 software that could allow upload and execution of malicious files."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de subida sin restricci\u00f3n de archivos con tipos peligrosos en numerosos m\u00e9todos del software de IIoT Monitor 3.1.38 que podr\u00eda permitir la subida y ejecuci\u00f3n de archivos maliciosos."
}
],
"id": "CVE-2018-7836",
"lastModified": "2024-11-21T04:12:51.023",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-12-24T16:29:00.937",
"references": [
{
"source": "cybersecurity@se.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.securityfocus.com/bid/106484"
},
{
"source": "cybersecurity@se.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.securityfocus.com/bid/106484"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/"
}
],
"sourceIdentifier": "cybersecurity@se.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CERTFR-2018-AVI-610
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Schneider Electric. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un contournement de la politique de sécurité et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
| Vendor | Product | Description |
|---|---|---|
| Schneider Electric | N/A | EVLink Parking versions 3.2.0-12_v1 et antérieures |
| Schneider Electric | N/A | IIoT Monitor 3.1.38 |
| Schneider Electric | N/A | Pro-Face GP-Pro EX versions 4.08 et antérieures |
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "EVLink Parking versions 3.2.0-12_v1 et ant\u00e9rieures",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "IIoT Monitor 3.1.38",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Pro-Face GP-Pro EX versions 4.08 et ant\u00e9rieures",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-7800",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7800"
},
{
"name": "CVE-2018-7801",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7801"
},
{
"name": "CVE-2018-7802",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7802"
},
{
"name": "CVE-2018-7835",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7835"
},
{
"name": "CVE-2018-7832",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7832"
},
{
"name": "CVE-2018-7836",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7836"
},
{
"name": "CVE-2018-7837",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7837"
}
],
"links": [],
"reference": "CERTFR-2018-AVI-610",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-12-24T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider Electric. Elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un contournement de la\npolitique de s\u00e9curit\u00e9 et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "SCADA Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider Electric",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2018-354-03 du 20 d\u00e9cembre 2018",
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2018-354-02 du 20 d\u00e9cembre 2018",
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-02/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2018-354-01 du 20 d\u00e9cembre 2018",
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-01/"
}
]
}
CERTFR-2018-AVI-610
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Schneider Electric. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un contournement de la politique de sécurité et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
| Vendor | Product | Description |
|---|---|---|
| Schneider Electric | N/A | EVLink Parking versions 3.2.0-12_v1 et antérieures |
| Schneider Electric | N/A | IIoT Monitor 3.1.38 |
| Schneider Electric | N/A | Pro-Face GP-Pro EX versions 4.08 et antérieures |
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "EVLink Parking versions 3.2.0-12_v1 et ant\u00e9rieures",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "IIoT Monitor 3.1.38",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Pro-Face GP-Pro EX versions 4.08 et ant\u00e9rieures",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-7800",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7800"
},
{
"name": "CVE-2018-7801",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7801"
},
{
"name": "CVE-2018-7802",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7802"
},
{
"name": "CVE-2018-7835",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7835"
},
{
"name": "CVE-2018-7832",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7832"
},
{
"name": "CVE-2018-7836",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7836"
},
{
"name": "CVE-2018-7837",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7837"
}
],
"links": [],
"reference": "CERTFR-2018-AVI-610",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-12-24T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider Electric. Elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un contournement de la\npolitique de s\u00e9curit\u00e9 et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "SCADA Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider Electric",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2018-354-03 du 20 d\u00e9cembre 2018",
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2018-354-02 du 20 d\u00e9cembre 2018",
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-02/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2018-354-01 du 20 d\u00e9cembre 2018",
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-01/"
}
]
}
BDU:2019-00138
Vulnerability from fstec - Published: 20.12.2018
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:N",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Schneider Electric",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "3.1.38 (IIoT Monitor)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n\u0420\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u0438\u0435 \u0441\u0435\u0442\u0438 \u0441\u0438\u0441\u0442\u0435\u043c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0437\u0430 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u0430\u043c\u0438.\n\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0435 \u043b\u0438\u0446\u0430 \u043d\u0435 \u0438\u043c\u0435\u043b\u0438 \u0434\u043e\u0441\u0442\u0443\u043f \u043a ICS \u0438 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043f\u0435\u0440\u0438\u0444\u0435\u0440\u0438\u0439\u043d\u043e\u043c\u0443 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044e \u0438\u043b\u0438 ICS \u0438 \u0441\u0435\u0442\u044f\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "20.12.2018",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "23.03.2021",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "18.01.2019",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2019-00138",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2018-7836",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "IIoT Monitor",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 IIoT Monitor, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0439 \u043f\u0440\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0435 \u0444\u0430\u0439\u043b\u043e\u0432, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u0430\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u0444\u0430\u0439\u043b\u043e\u0432 \u043e\u043f\u0430\u0441\u043d\u043e\u0433\u043e \u0442\u0438\u043f\u0430 (CWE-434)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 IIoT Monitor \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0439 \u043f\u0440\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0435 \u0444\u0430\u0439\u043b\u043e\u0432. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u044b \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0441\u0440\u0435\u0434\u044b \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u043c\u0435\u0440\u044b",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0417\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u043e\u043c",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0410\u0421\u0423 \u0422\u041f",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-434",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,4)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,3)"
}
GHSA-5R23-4MRH-R3PM
Vulnerability from github – Published: 2022-05-14 01:36 – Updated: 2022-05-14 01:36
An unrestricted Upload of File with Dangerous Type vulnerability exists on numerous methods of the IIoT Monitor 3.1.38 software that could allow upload and execution of malicious files.
{
"affected": [],
"aliases": [
"CVE-2018-7836"
],
"database_specific": {
"cwe_ids": [
"CWE-434"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-12-24T16:29:00Z",
"severity": "CRITICAL"
},
"details": "An unrestricted Upload of File with Dangerous Type vulnerability exists on numerous methods of the IIoT Monitor 3.1.38 software that could allow upload and execution of malicious files.",
"id": "GHSA-5r23-4mrh-r3pm",
"modified": "2022-05-14T01:36:14Z",
"published": "2022-05-14T01:36:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7836"
},
{
"type": "WEB",
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/106484"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
ICSA-19-008-02
Vulnerability from csaf_cisa - Published: 2019-01-08 00:00 - Updated: 2019-01-15 00:00
{
"document": {
"acknowledgments": [
{
"names": [
"rgod"
],
"organization": "Trend Micro \u0027s Zero Day Initiative",
"summary": "reporting these vulnerabilities to NCCIC"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "other",
"text": "Commercial Facilities, Critical Manufacturing, Energy, Transportation Services",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "France",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies. Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "NCCIC also recommends that users take the following measures to protect themselves from social engineering attacks:",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-19-008-02 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2019/icsa-19-008-02.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-19-008-02 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-008-02"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-008-02"
}
],
"title": "Schneider Electric IIoT Monitor (Update A)",
"tracking": {
"current_release_date": "2019-01-15T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-19-008-02",
"initial_release_date": "2019-01-08T00:00:00.000000Z",
"revision_history": [
{
"date": "2019-01-08T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-19-008-02 Schneider Electric IIoT Monitor"
},
{
"date": "2019-01-15T00:00:00.000000Z",
"legacy_version": "A",
"number": "2",
"summary": "ICSA-19-008-02 Schneider Electric IIoT Monitor (Update A)"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 3.1.38",
"product": {
"name": "IIoT Monitor: Versions 3.1.38 and prior",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "IIoT Monitor"
}
],
"category": "vendor",
"name": "Schneider Electric Software, LLC"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-7835",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A path traversal vulnerability exists, which may allow access to files available to the SYSTEM user. CVE-2018-7835 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7835"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Schneider Electric recommends that affected users contact Schneider Electric customer support at https://www.schneider-electric.com/en/work/support/contacts.jsp for assistance in migrating to the latest software to resolve the issues.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.schneider-electric.com/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "Schneider Electric has also released a security notification ",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/"
},
{
"category": "mitigation",
"details": "Schneider Electric strongly recommends implementing industry cybersecurity best practices",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Locate control and safety system networks and remote devices behind firewalls, and isolate them from the business network.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Physical controls should be in place so that no unauthorized person would have access to the ICS and safety controllers, peripheral equipment or the ICS and safety networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "All controllers should reside in locked cabinets and never be left in the \u201cProgram\u201d mode.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "All programming software should be kept in locked cabinets and should never be connected to any network other than the network for the devices that it is intended.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "All methods of mobile data exchange with the isolated network such as CDs, USB drives, etc. should be scanned before use in the terminals or any node connected to these networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Laptops that have connected to any other network besides the intended network should never be allowed to connect to the safety or control networks without proper sanitation.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use secure methods, such as virtual private networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2018-7836",
"cwe": {
"id": "CWE-434",
"name": "Unrestricted Upload of File with Dangerous Type"
},
"notes": [
{
"category": "summary",
"text": "An unrestricted upload of a file with dangerous type vulnerability exists in the IIoT Monitor software that could allow the uploading and execution of malicious files. CVE-2018-7836 has been assigned to this vulnerability. A CVSS v3 base score of 9.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7836"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Schneider Electric recommends that affected users contact Schneider Electric customer support at https://www.schneider-electric.com/en/work/support/contacts.jsp for assistance in migrating to the latest software to resolve the issues.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.schneider-electric.com/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "Schneider Electric has also released a security notification ",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/"
},
{
"category": "mitigation",
"details": "Schneider Electric strongly recommends implementing industry cybersecurity best practices",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Locate control and safety system networks and remote devices behind firewalls, and isolate them from the business network.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Physical controls should be in place so that no unauthorized person would have access to the ICS and safety controllers, peripheral equipment or the ICS and safety networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "All controllers should reside in locked cabinets and never be left in the \u201cProgram\u201d mode.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "All programming software should be kept in locked cabinets and should never be connected to any network other than the network for the devices that it is intended.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "All methods of mobile data exchange with the isolated network such as CDs, USB drives, etc. should be scanned before use in the terminals or any node connected to these networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Laptops that have connected to any other network besides the intended network should never be allowed to connect to the safety or control networks without proper sanitation.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use secure methods, such as virtual private networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2018-7837",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"notes": [
{
"category": "summary",
"text": "There is an XXE vulnerability in the IIoT Monitor software that may allow the software to resolve documents outside of the intended sphere of control, causing the software to embed incorrect documents into its output and expose restricted information. CVE-2018-7837 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7837"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Schneider Electric recommends that affected users contact Schneider Electric customer support at https://www.schneider-electric.com/en/work/support/contacts.jsp for assistance in migrating to the latest software to resolve the issues.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.schneider-electric.com/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "Schneider Electric has also released a security notification ",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/"
},
{
"category": "mitigation",
"details": "Schneider Electric strongly recommends implementing industry cybersecurity best practices",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Locate control and safety system networks and remote devices behind firewalls, and isolate them from the business network.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Physical controls should be in place so that no unauthorized person would have access to the ICS and safety controllers, peripheral equipment or the ICS and safety networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "All controllers should reside in locked cabinets and never be left in the \u201cProgram\u201d mode.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "All programming software should be kept in locked cabinets and should never be connected to any network other than the network for the devices that it is intended.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "All methods of mobile data exchange with the isolated network such as CDs, USB drives, etc. should be scanned before use in the terminals or any node connected to these networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Laptops that have connected to any other network besides the intended network should never be allowed to connect to the safety or control networks without proper sanitation.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use secure methods, such as virtual private networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2018-7839",
"cwe": {
"id": "CWE-326",
"name": "Inadequate Encryption Strength"
},
"notes": [
{
"category": "summary",
"text": "There is a hardcoded cryptographic key that may affect the confidentiality of the device. CVE-2018-7839 has been assigned to this vulnerability. A CVSS v3 base score of 6.2 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7839"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Schneider Electric recommends that affected users contact Schneider Electric customer support at https://www.schneider-electric.com/en/work/support/contacts.jsp for assistance in migrating to the latest software to resolve the issues.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.schneider-electric.com/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "Schneider Electric has also released a security notification ",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/"
},
{
"category": "mitigation",
"details": "Schneider Electric strongly recommends implementing industry cybersecurity best practices",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Locate control and safety system networks and remote devices behind firewalls, and isolate them from the business network.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Physical controls should be in place so that no unauthorized person would have access to the ICS and safety controllers, peripheral equipment or the ICS and safety networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "All controllers should reside in locked cabinets and never be left in the \u201cProgram\u201d mode.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "All programming software should be kept in locked cabinets and should never be connected to any network other than the network for the devices that it is intended.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "All methods of mobile data exchange with the isolated network such as CDs, USB drives, etc. should be scanned before use in the terminals or any node connected to these networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Laptops that have connected to any other network besides the intended network should never be allowed to connect to the safety or control networks without proper sanitation.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use secure methods, such as virtual private networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
}
]
}
VAR-201812-0853
Vulnerability from variot - Updated: 2024-02-06 22:52
An unrestricted Upload of File with Dangerous Type vulnerability exists on numerous methods of the IIoT Monitor 3.1.38 software that could allow upload and execution of malicious files. IIoT Monitor contains a vulnerability related to unrestricted upload of dangerous file types. Information may be obtained or altered, and service operation may be disrupted (DoS). This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Schneider Electric IIoT Monitor. Authentication is required to exploit this vulnerability but authentication can be easily bypassed. The specific flaw exists within the processing of the upload method of the ProtectionMgmt servlet. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Schneider Electric IIoT Monitor is an industrial IoT monitor from Schneider Electric of France. A directory-traversal vulnerability 2. An arbitrary file-upload vulnerability 3
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-0853",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "iiot monitor",
"scope": null,
"trust": 3.5,
"vendor": "schneider electric",
"version": null
},
{
"model": "iiot monitor",
"scope": "eq",
"trust": 2.1,
"vendor": "schneider electric",
"version": "3.1.38"
},
{
"model": "electric iiot monitor",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider",
"version": "3.1.38"
},
{
"model": "iiot monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-032"
},
{
"db": "ZDI",
"id": "ZDI-19-022"
},
{
"db": "ZDI",
"id": "ZDI-19-030"
},
{
"db": "ZDI",
"id": "ZDI-19-021"
},
{
"db": "ZDI",
"id": "ZDI-19-029"
},
{
"db": "CNVD",
"id": "CNVD-2019-03464"
},
{
"db": "BID",
"id": "106484"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014342"
},
{
"db": "NVD",
"id": "CVE-2018-7836"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:iiot_monitor:3.1.38:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7836"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "rgod of 9sg Security Team - rgod@9sgsec.com",
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-032"
},
{
"db": "ZDI",
"id": "ZDI-19-022"
},
{
"db": "ZDI",
"id": "ZDI-19-030"
},
{
"db": "ZDI",
"id": "ZDI-19-021"
},
{
"db": "ZDI",
"id": "ZDI-19-029"
}
],
"trust": 3.5
},
"cve": "CVE-2018-7836",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-7836",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-03464",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2018-7836",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 2.1,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-7836",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.4,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-7836",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2018-7836",
"trust": 2.1,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-7836",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "ZDI",
"id": "CVE-2018-7836",
"trust": 1.4,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2019-03464",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-1096",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-7836",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-032"
},
{
"db": "ZDI",
"id": "ZDI-19-022"
},
{
"db": "ZDI",
"id": "ZDI-19-030"
},
{
"db": "ZDI",
"id": "ZDI-19-021"
},
{
"db": "ZDI",
"id": "ZDI-19-029"
},
{
"db": "CNVD",
"id": "CNVD-2019-03464"
},
{
"db": "VULMON",
"id": "CVE-2018-7836"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014342"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-1096"
},
{
"db": "NVD",
"id": "CVE-2018-7836"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An unrestricted Upload of File with Dangerous Type vulnerability exists on numerous methods of the IIoT Monitor 3.1.38 software that could allow upload and execution of malicious files. IIoT Monitor contains a vulnerability related to unrestricted upload of dangerous file types. Information may be obtained or altered, and service operation may be disrupted (DoS). This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Schneider Electric IIoT Monitor. Authentication is required to exploit this vulnerability but authentication can be easily bypassed. The specific flaw exists within the processing of the upload method of the ProtectionMgmt servlet. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Schneider Electric IIoT Monitor is an industrial IoT monitor from Schneider Electric of France. A directory-traversal vulnerability\n2. An arbitrary file-upload vulnerability\n3",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7836"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014342"
},
{
"db": "ZDI",
"id": "ZDI-19-032"
},
{
"db": "ZDI",
"id": "ZDI-19-022"
},
{
"db": "ZDI",
"id": "ZDI-19-030"
},
{
"db": "ZDI",
"id": "ZDI-19-021"
},
{
"db": "ZDI",
"id": "ZDI-19-029"
},
{
"db": "CNVD",
"id": "CNVD-2019-03464"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-1096"
},
{
"db": "BID",
"id": "106484"
},
{
"db": "VULMON",
"id": "CVE-2018-7836"
}
],
"trust": 6.21
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-7836",
"trust": 6.9
},
{
"db": "BID",
"id": "106484",
"trust": 2.0
},
{
"db": "SCHNEIDER",
"id": "SEVD-2018-354-03",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSA-19-008-02",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014342",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-7120",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-19-032",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-7122",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-19-022",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-7136",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-19-030",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-7121",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-19-021",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-7135",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-19-029",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-03464",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201812-1096",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-7836",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-032"
},
{
"db": "ZDI",
"id": "ZDI-19-022"
},
{
"db": "ZDI",
"id": "ZDI-19-030"
},
{
"db": "ZDI",
"id": "ZDI-19-021"
},
{
"db": "ZDI",
"id": "ZDI-19-029"
},
{
"db": "CNVD",
"id": "CNVD-2019-03464"
},
{
"db": "VULMON",
"id": "CVE-2018-7836"
},
{
"db": "BID",
"id": "106484"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014342"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-1096"
},
{
"db": "NVD",
"id": "CVE-2018-7836"
}
]
},
"id": "VAR-201812-0853",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-03464"
}
],
"trust": 1.5166667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-03464"
}
]
},
"last_update_date": "2024-02-06T22:52:00.928000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Schneider Electric has issued an update to correct this vulnerability.",
"trust": 3.5,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-19-008-02"
},
{
"title": "SEVD-2018-354-03",
"trust": 0.8,
"url": "https://www.schneider-electric.com/en/download/document/sevd-2018-354-03/"
},
{
"title": "Patch for IIoTMonitor Hazardous Type File Upload Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/152471"
},
{
"title": "Schneider Electric IIoT Monitor Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=88169"
},
{
"title": "Check Point Security Alerts: Schneider Electric IIoT Monitor Unrestricted File Upload (CVE-2018-7836)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=check_point_security_alerts\u0026qid=495244a44e00a37fadd60897391c108e"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-032"
},
{
"db": "ZDI",
"id": "ZDI-19-022"
},
{
"db": "ZDI",
"id": "ZDI-19-030"
},
{
"db": "ZDI",
"id": "ZDI-19-021"
},
{
"db": "ZDI",
"id": "ZDI-19-029"
},
{
"db": "CNVD",
"id": "CNVD-2019-03464"
},
{
"db": "VULMON",
"id": "CVE-2018-7836"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014342"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-1096"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-434",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-014342"
},
{
"db": "NVD",
"id": "CVE-2018-7836"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 4.7,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-19-008-02"
},
{
"trust": 1.7,
"url": "https://www.schneider-electric.com/en/download/document/sevd-2018-354-03/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-7836"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/106484"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7836"
},
{
"trust": 0.3,
"url": "www.controlmicrosystems.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/434.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://advisories.checkpoint.com/defense/advisories/public/2024/cpai-2018-2576.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-032"
},
{
"db": "ZDI",
"id": "ZDI-19-022"
},
{
"db": "ZDI",
"id": "ZDI-19-030"
},
{
"db": "ZDI",
"id": "ZDI-19-021"
},
{
"db": "ZDI",
"id": "ZDI-19-029"
},
{
"db": "CNVD",
"id": "CNVD-2019-03464"
},
{
"db": "VULMON",
"id": "CVE-2018-7836"
},
{
"db": "BID",
"id": "106484"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014342"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-1096"
},
{
"db": "NVD",
"id": "CVE-2018-7836"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-19-032"
},
{
"db": "ZDI",
"id": "ZDI-19-022"
},
{
"db": "ZDI",
"id": "ZDI-19-030"
},
{
"db": "ZDI",
"id": "ZDI-19-021"
},
{
"db": "ZDI",
"id": "ZDI-19-029"
},
{
"db": "CNVD",
"id": "CNVD-2019-03464"
},
{
"db": "VULMON",
"id": "CVE-2018-7836"
},
{
"db": "BID",
"id": "106484"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014342"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-1096"
},
{
"db": "NVD",
"id": "CVE-2018-7836"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-16T00:00:00",
"db": "ZDI",
"id": "ZDI-19-032"
},
{
"date": "2019-01-14T00:00:00",
"db": "ZDI",
"id": "ZDI-19-022"
},
{
"date": "2019-01-14T00:00:00",
"db": "ZDI",
"id": "ZDI-19-030"
},
{
"date": "2019-01-14T00:00:00",
"db": "ZDI",
"id": "ZDI-19-021"
},
{
"date": "2019-01-14T00:00:00",
"db": "ZDI",
"id": "ZDI-19-029"
},
{
"date": "2019-01-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-03464"
},
{
"date": "2018-12-24T00:00:00",
"db": "VULMON",
"id": "CVE-2018-7836"
},
{
"date": "2019-01-08T00:00:00",
"db": "BID",
"id": "106484"
},
{
"date": "2019-03-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-014342"
},
{
"date": "2018-12-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-1096"
},
{
"date": "2018-12-24T16:29:00.937000",
"db": "NVD",
"id": "CVE-2018-7836"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-16T00:00:00",
"db": "ZDI",
"id": "ZDI-19-032"
},
{
"date": "2019-01-14T00:00:00",
"db": "ZDI",
"id": "ZDI-19-022"
},
{
"date": "2019-01-14T00:00:00",
"db": "ZDI",
"id": "ZDI-19-030"
},
{
"date": "2019-01-14T00:00:00",
"db": "ZDI",
"id": "ZDI-19-021"
},
{
"date": "2019-01-14T00:00:00",
"db": "ZDI",
"id": "ZDI-19-029"
},
{
"date": "2019-01-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-03464"
},
{
"date": "2019-02-06T00:00:00",
"db": "VULMON",
"id": "CVE-2018-7836"
},
{
"date": "2019-01-08T00:00:00",
"db": "BID",
"id": "106484"
},
{
"date": "2019-03-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-014342"
},
{
"date": "2019-02-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-1096"
},
{
"date": "2019-02-06T20:06:42.490000",
"db": "NVD",
"id": "CVE-2018-7836"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "106484"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IIoT Monitor Vulnerable to unlimited upload of dangerous types of files",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-014342"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-1096"
}
],
"trust": 0.6
}
}
GSD-2018-7836
Vulnerability from gsd - Updated: 2023-12-13 01:22
{
"GSD": {
"alias": "CVE-2018-7836",
"description": "An unrestricted Upload of File with Dangerous Type vulnerability exists on numerous methods of the IIoT Monitor 3.1.38 software that could allow upload and execution of malicious files.",
"id": "GSD-2018-7836"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-7836"
],
"details": "An unrestricted Upload of File with Dangerous Type vulnerability exists on numerous methods of the IIoT Monitor 3.1.38 software that could allow upload and execution of malicious files.",
"id": "GSD-2018-7836",
"modified": "2023-12-13T01:22:32.648996Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2018-7836",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "IIoT Monitor 3.1.38",
"version": {
"version_data": [
{
"version_value": "IIoT Monitor 3.1.38"
}
]
}
}
]
},
"vendor_name": "Schneider Electric SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An unrestricted Upload of File with Dangerous Type vulnerability exists on numerous methods of the IIoT Monitor 3.1.38 software that could allow upload and execution of malicious files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unrestricted Upload of File with Dangerous Type"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106484",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106484"
},
{
"name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/",
"refsource": "CONFIRM",
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:iiot_monitor:3.1.38:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2018-7836"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "An unrestricted Upload of File with Dangerous Type vulnerability exists on numerous methods of the IIoT Monitor 3.1.38 software that could allow upload and execution of malicious files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/"
},
{
"name": "106484",
"refsource": "BID",
"tags": [
"Third Party Advisory"
],
"url": "http://www.securityfocus.com/bid/106484"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2019-02-06T20:06Z",
"publishedDate": "2018-12-24T16:29Z"
}
}
}
CNVD-2019-03464
Vulnerability from cnvd - Published: 2019-01-31
厂商已发布漏洞修复程序,请及时关注更新: https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2018-354-03-IIoT+Monitor.pdf&p_Doc_Ref=SEVD-2018-354-03
| Name | Schneider Electric IIoT Monitor 3.1.38 |
|---|---|
{
"bids": {
"bid": {
"bidNumber": "106484"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2018-7836"
}
},
"description": "Schneider Electric IIoT Monitor\u662f\u6cd5\u56fd\u65bd\u8010\u5fb7\u7535\u6c14\uff08Schneider Electric\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u5de5\u4e1a\u7269\u8054\u7f51\u76d1\u89c6\u5668\u3002\n\nSchneider Electric IIoT Monitor 3.1.38\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4e0a\u4f20\u5e76\u6267\u884c\u6076\u610f\u6587\u4ef6\u3002",
"discovererName": "Trend Micro\u2019s Zero Day Initiative working with rgod",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2018-354-03-IIoT+Monitor.pdf\u0026p_Doc_Ref=SEVD-2018-354-03",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2019-03464",
"openTime": "2019-01-31",
"patchDescription": "Schneider Electric IIoT Monitor\u662f\u6cd5\u56fd\u65bd\u8010\u5fb7\u7535\u6c14\uff08Schneider Electric\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u5de5\u4e1a\u7269\u8054\u7f51\u76d1\u89c6\u5668\u3002\r\n\r\nSchneider Electric IIoT Monitor 3.1.38\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4e0a\u4f20\u5e76\u6267\u884c\u6076\u610f\u6587\u4ef6\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "IIoT Monitor\u5371\u9669\u7c7b\u578b\u6587\u4ef6\u4e0a\u4f20\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Schneider Electric IIoT Monitor 3.1.38"
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2018-7836",
"serverity": "\u9ad8",
"submitTime": "2018-12-25",
"title": "IIoT Monitor\u5371\u9669\u7c7b\u578b\u6587\u4ef6\u4e0a\u4f20\u6f0f\u6d1e"
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.