cvelistv5 - cve-2020-26867

CVE-2020-26867 (GCVE-0-2020-26867)

Vulnerability from cvelistv5 – Published: 2020-10-12 13:54 – Updated: 2024-09-16 22:16

Summary

Severity ?

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-502 - Deserialization of Untrusted Data

Assigner

Kaspersky

References

URL

Tags

	https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03	x_refsource_MISC
	https://www.pcvuesolutions.com/security	x_refsource_CONFIRM
	https://ics-cert.kaspersky.com/advisories/klcert-…	x_refsource_CONFIRM
	https://www.pcvuesolutions.com/support/index.php/…	x_refsource_CONFIRM
	https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	ARC Informatique	PcVue	Affected: unspecified , ≤ 12.0.17 (custom)

Credits

Sergey Temnikov and Andrey Muravitsky of Kaspersky Lab reported these vulnerabilities to ARC Informatique.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:03:22.759Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.pcvuesolutions.com/security"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2020/10/09/klcert-20-015-remote-code-execution-in-arc-informatique-pcvue/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1076-security-bulletin-2020-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PcVue",
          "vendor": "ARC Informatique",
          "versions": [
            {
              "lessThanOrEqual": "12.0.17",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Sergey Temnikov and Andrey Muravitsky of Kaspersky Lab reported these vulnerabilities to ARC Informatique."
        }
      ],
      "datePublic": "2020-11-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ARC Informatique PcVue prior to version 12.0.17 is vulnerable due to the deserialization of untrusted data, which may allow an attacker to remotely execute arbitrary code on the web and mobile back-end server."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-502",
              "description": "CWE-502: Deserialization of Untrusted Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-01-11T15:15:36",
        "orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
        "shortName": "Kaspersky"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.pcvuesolutions.com/security"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2020/10/09/klcert-20-015-remote-code-execution-in-arc-informatique-pcvue/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1076-security-bulletin-2020-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "ARC Informatique recommends upgrading PcVue to v12.0.17. Contact PcVue Support to receive instructions on downloading and installing the latest software version."
        }
      ],
      "source": {
        "advisory": "ICSA-20-308-03",
        "discovery": "UNKNOWN"
      },
      "title": "ARC Informatique PcVue Deserialization of Untrusted Data",
      "workarounds": [
        {
          "lang": "en",
          "value": "The following mitigations and workarounds have been identified by ARC Informatique to help reduce risk:\n\nUninstall the web and mobile backend. Users not using the affected components should uninstall them. If the components are not required, do not install them.\nChange default configuration if using components prior to v12.0. If taking advantage of the web and mobile back features with a product version up to v11.2, change the following configuration item manually to prevent remote code execution\nIn the file \u003cPcVue installation directory\u003e\\Bin\\PropertyServer.config\u003e, change the following element and set it to \u201cLow\u201d (defaults to \u201cFull\u201d):\n                   \u003cserverProviders\u003e\n                                            \u003cformatter ref=\u201dbinary\u201d typeFilterLevel=\u201dLow\u201d /\u003e\n                   \u003c/serverProviders\u003e\n\n \nThis workaround cannot be applied to PcVue v12.0\nHarden firewall configuration by ensuring that incoming connections on the corresponding port are authorized only if initiated by the IIS Web Server process. The listening port is configurable (default 8090) and may have been changed on the system using the Application Explorer."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vulnerability@kaspersky.com",
          "DATE_PUBLIC": "2020-11-03T00:00:00.000Z",
          "ID": "CVE-2020-26867",
          "STATE": "PUBLIC",
          "TITLE": "ARC Informatique PcVue Deserialization of Untrusted Data"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PcVue",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_value": "12.0.17"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "ARC Informatique"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Sergey Temnikov and Andrey Muravitsky of Kaspersky Lab reported these vulnerabilities to ARC Informatique."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ARC Informatique PcVue prior to version 12.0.17 is vulnerable due to the deserialization of untrusted data, which may allow an attacker to remotely execute arbitrary code on the web and mobile back-end server."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-502: Deserialization of Untrusted Data"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03"
            },
            {
              "name": "https://www.pcvuesolutions.com/security",
              "refsource": "CONFIRM",
              "url": "https://www.pcvuesolutions.com/security"
            },
            {
              "name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2020/10/09/klcert-20-015-remote-code-execution-in-arc-informatique-pcvue/",
              "refsource": "CONFIRM",
              "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2020/10/09/klcert-20-015-remote-code-execution-in-arc-informatique-pcvue/"
            },
            {
              "name": "https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1076-security-bulletin-2020-1",
              "refsource": "CONFIRM",
              "url": "https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1076-security-bulletin-2020-1"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03",
              "refsource": "CONFIRM",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "ARC Informatique recommends upgrading PcVue to v12.0.17. Contact PcVue Support to receive instructions on downloading and installing the latest software version."
          }
        ],
        "source": {
          "advisory": "ICSA-20-308-03",
          "discovery": "UNKNOWN"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "The following mitigations and workarounds have been identified by ARC Informatique to help reduce risk:\n\nUninstall the web and mobile backend. Users not using the affected components should uninstall them. If the components are not required, do not install them.\nChange default configuration if using components prior to v12.0. If taking advantage of the web and mobile back features with a product version up to v11.2, change the following configuration item manually to prevent remote code execution\nIn the file \u003cPcVue installation directory\u003e\\Bin\\PropertyServer.config\u003e, change the following element and set it to \u201cLow\u201d (defaults to \u201cFull\u201d):\n                   \u003cserverProviders\u003e\n                                            \u003cformatter ref=\u201dbinary\u201d typeFilterLevel=\u201dLow\u201d /\u003e\n                   \u003c/serverProviders\u003e\n\n \nThis workaround cannot be applied to PcVue v12.0\nHarden firewall configuration by ensuring that incoming connections on the corresponding port are authorized only if initiated by the IIS Web Server process. The listening port is configurable (default 8090) and may have been changed on the system using the Application Explorer."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
    "assignerShortName": "Kaspersky",
    "cveId": "CVE-2020-26867",
    "datePublished": "2020-10-12T13:54:47.081903Z",
    "dateReserved": "2020-10-07T00:00:00",
    "dateUpdated": "2024-09-16T22:16:02.000Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:pcvuesolutions:pcvue:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.10\", \"versionEndExcluding\": \"12.0.17\", \"matchCriteriaId\": \"DF882021-E262-4139-AF33-87FE5A6C3E1D\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"ARC Informatique PcVue prior to version 12.0.17 is vulnerable due to the deserialization of untrusted data, which may allow an attacker to remotely execute arbitrary code on the web and mobile back-end server.\"}, {\"lang\": \"es\", \"value\": \"ARC Informatique PcVue anterior a la versi\\u00f3n 12.0.17 es vulnerable debido a la deserializaci\\u00f3n de datos no confiables, lo que puede permitir a un atacante ejecutar remotamente un c\\u00f3digo arbitrario en la web y en el servidor de back-end m\\u00f3vil\"}]",
      "id": "CVE-2020-26867",
      "lastModified": "2024-11-21T05:20:23.010",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"vulnerability@kaspersky.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2020-10-12T14:15:12.260",
      "references": "[{\"url\": \"https://ics-cert.kaspersky.com/advisories/klcert-advisories/2020/10/09/klcert-20-015-remote-code-execution-in-arc-informatique-pcvue/\", \"source\": \"vulnerability@kaspersky.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03\", \"source\": \"vulnerability@kaspersky.com\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03\", \"source\": \"vulnerability@kaspersky.com\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://www.pcvuesolutions.com/security\", \"source\": \"vulnerability@kaspersky.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1076-security-bulletin-2020-1\", \"source\": \"vulnerability@kaspersky.com\", \"tags\": [\"Permissions Required\", \"Vendor Advisory\"]}, {\"url\": \"https://ics-cert.kaspersky.com/advisories/klcert-advisories/2020/10/09/klcert-20-015-remote-code-execution-in-arc-informatique-pcvue/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://www.pcvuesolutions.com/security\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1076-security-bulletin-2020-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "vulnerability@kaspersky.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"vulnerability@kaspersky.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-502\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-502\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-26867\",\"sourceIdentifier\":\"vulnerability@kaspersky.com\",\"published\":\"2020-10-12T14:15:12.260\",\"lastModified\":\"2024-11-21T05:20:23.010\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"ARC Informatique PcVue prior to version 12.0.17 is vulnerable due to the deserialization of untrusted data, which may allow an attacker to remotely execute arbitrary code on the web and mobile back-end server.\"},{\"lang\":\"es\",\"value\":\"ARC Informatique PcVue anterior a la versi\u00f3n 12.0.17 es vulnerable debido a la deserializaci\u00f3n de datos no confiables, lo que puede permitir a un atacante ejecutar remotamente un c\u00f3digo arbitrario en la web y en el servidor de back-end m\u00f3vil\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"vulnerability@kaspersky.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"vulnerability@kaspersky.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pcvuesolutions:pcvue:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.10\",\"versionEndExcluding\":\"12.0.17\",\"matchCriteriaId\":\"DF882021-E262-4139-AF33-87FE5A6C3E1D\"}]}]}],\"references\":[{\"url\":\"https://ics-cert.kaspersky.com/advisories/klcert-advisories/2020/10/09/klcert-20-015-remote-code-execution-in-arc-informatique-pcvue/\",\"source\":\"vulnerability@kaspersky.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03\",\"source\":\"vulnerability@kaspersky.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03\",\"source\":\"vulnerability@kaspersky.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.pcvuesolutions.com/security\",\"source\":\"vulnerability@kaspersky.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1076-security-bulletin-2020-1\",\"source\":\"vulnerability@kaspersky.com\",\"tags\":[\"Permissions Required\",\"Vendor Advisory\"]},{\"url\":\"https://ics-cert.kaspersky.com/advisories/klcert-advisories/2020/10/09/klcert-20-015-remote-code-execution-in-arc-informatique-pcvue/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.pcvuesolutions.com/security\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1076-security-bulletin-2020-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\",\"Vendor Advisory\"]}]}}"
  }
}

CNVD-2020-57822

Vulnerability from cnvd - Published: 2020-10-21

Title

ARC Informatique PcVue远程代码执行漏洞

Description

Pcvue是法国彩虹（ARC Informatique）的一款多功能HMI-SCADA软件，是可以监测客户资产的各个方面的一体化方案。PcVue被广泛应用于工业控制，楼宇管理，能源管理，智能电网，能源分布，变电站自动化，安防/消防系统，公用设施，物料搬运，交通运输，可再生能源和基础设施等领域。 PcVue 8.10版本及之后版本存在远程代码执行漏洞，该漏洞源于存在一个远程代码执行漏洞，这是由于在接口上接收到的消息不安全的反序列化。攻击者可利用该漏洞执行代码。

Severity

高

Patch Name

ARC Informatique PcVue远程代码执行漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，详情请关注厂商主页： https://www.pcvuesolutions.com/index.php/support-a-services/resources/security-alerts-95138

Reference

https://nvd.nist.gov/vuln/detail/CVE-2020-26867

Impacted products

Name
ARC Informatique PCVue >=8.10

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-26867",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-26867"
    }
  },
  "description": "Pcvue\u662f\u6cd5\u56fd\u5f69\u8679\uff08ARC Informatique\uff09\u7684\u4e00\u6b3e\u591a\u529f\u80fdHMI-SCADA\u8f6f\u4ef6\uff0c\u662f\u53ef\u4ee5\u76d1\u6d4b\u5ba2\u6237\u8d44\u4ea7\u7684\u5404\u4e2a\u65b9\u9762\u7684\u4e00\u4f53\u5316\u65b9\u6848\u3002PcVue\u88ab\u5e7f\u6cdb\u5e94\u7528\u4e8e\u5de5\u4e1a\u63a7\u5236\uff0c\u697c\u5b87\u7ba1\u7406\uff0c\u80fd\u6e90\u7ba1\u7406\uff0c\u667a\u80fd\u7535\u7f51\uff0c\u80fd\u6e90\u5206\u5e03\uff0c\u53d8\u7535\u7ad9\u81ea\u52a8\u5316\uff0c\u5b89\u9632/\u6d88\u9632\u7cfb\u7edf\uff0c\u516c\u7528\u8bbe\u65bd\uff0c\u7269\u6599\u642c\u8fd0\uff0c\u4ea4\u901a\u8fd0\u8f93\uff0c\u53ef\u518d\u751f\u80fd\u6e90\u548c\u57fa\u7840\u8bbe\u65bd\u7b49\u9886\u57df\u3002\n\nPcVue 8.10\u7248\u672c\u53ca\u4e4b\u540e\u7248\u672c\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5b58\u5728\u4e00\u4e2a\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u8fd9\u662f\u7531\u4e8e\u5728\u63a5\u53e3\u4e0a\u63a5\u6536\u5230\u7684\u6d88\u606f\u4e0d\u5b89\u5168\u7684\u53cd\u5e8f\u5217\u5316\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4ee3\u7801\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttps://www.pcvuesolutions.com/index.php/support-a-services/resources/security-alerts-95138",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-57822",
  "openTime": "2020-10-21",
  "patchDescription": "Pcvue\u662f\u6cd5\u56fd\u5f69\u8679\uff08ARC Informatique\uff09\u7684\u4e00\u6b3e\u591a\u529f\u80fdHMI-SCADA\u8f6f\u4ef6\uff0c\u662f\u53ef\u4ee5\u76d1\u6d4b\u5ba2\u6237\u8d44\u4ea7\u7684\u5404\u4e2a\u65b9\u9762\u7684\u4e00\u4f53\u5316\u65b9\u6848\u3002PcVue\u88ab\u5e7f\u6cdb\u5e94\u7528\u4e8e\u5de5\u4e1a\u63a7\u5236\uff0c\u697c\u5b87\u7ba1\u7406\uff0c\u80fd\u6e90\u7ba1\u7406\uff0c\u667a\u80fd\u7535\u7f51\uff0c\u80fd\u6e90\u5206\u5e03\uff0c\u53d8\u7535\u7ad9\u81ea\u52a8\u5316\uff0c\u5b89\u9632/\u6d88\u9632\u7cfb\u7edf\uff0c\u516c\u7528\u8bbe\u65bd\uff0c\u7269\u6599\u642c\u8fd0\uff0c\u4ea4\u901a\u8fd0\u8f93\uff0c\u53ef\u518d\u751f\u80fd\u6e90\u548c\u57fa\u7840\u8bbe\u65bd\u7b49\u9886\u57df\u3002\r\n\r\nPcVue 8.10\u7248\u672c\u53ca\u4e4b\u540e\u7248\u672c\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5b58\u5728\u4e00\u4e2a\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u8fd9\u662f\u7531\u4e8e\u5728\u63a5\u53e3\u4e0a\u63a5\u6536\u5230\u7684\u6d88\u606f\u4e0d\u5b89\u5168\u7684\u53cd\u5e8f\u5217\u5316\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "ARC Informatique PcVue\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "ARC Informatique PCVue \u003e=8.10"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2020-26867",
  "serverity": "\u9ad8",
  "submitTime": "2020-10-13",
  "title": "ARC Informatique PcVue\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

CERTFR-2020-AVI-685

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans ARC Informatique pcVue. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	N/A	N/A	pcVue 11.x versions antérieures à 11.2
	N/A	N/A	pcVue 12.x versions antérieures à 12.0.17

References

Title

Publication Time

Tags

Bulletin de sécurité ARC Informatique du 05 octobre 2020

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "pcVue 11.x versions ant\u00e9rieures \u00e0 11.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "pcVue 12.x versions ant\u00e9rieures \u00e0 12.0.17",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-26868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-26868"
    },
    {
      "name": "CVE-2020-26867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-26867"
    },
    {
      "name": "CVE-2020-26869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-26869"
    }
  ],
  "links": [],
  "reference": "CERTFR-2020-AVI-685",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-10-28T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans ARC Informatique\npcVue. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans ARC Informatique pcVue",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 ARC Informatique du 05 octobre 2020",
      "url": "https://www.pcvuesolutions.com/france/index.php/support/ressources/alertes-de-securite"
    }
  ]
}

CERTFR-2021-AVI-591

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans ARC Informatique PcVue. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données. Un avis avait déjà fait l'objet d'une rédaction sur le site du CERT-FR. Il est disponible à l'adresse suivante : .

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	PcVue 15.x versions antérieures à 15.1.2
N/A	N/A	PcVue 11.x versions antérieures à 11.2.06100
N/A	N/A	PcVue 12.x versions antérieures à 12.0.23

References

Title

Publication Time

Tags

Bulletin de sécurité ARC Informatique du 02 août 2021	None	vendor-advisory
Avis CERT-FR CERTFR-2020-AVI-685 du 05 octobre 2020	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "PcVue 15.x versions ant\u00e9rieures \u00e0 15.1.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "PcVue 11.x versions ant\u00e9rieures \u00e0 11.2.06100",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "PcVue 12.x versions ant\u00e9rieures \u00e0 12.0.23",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-26868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-26868"
    },
    {
      "name": "CVE-2020-26867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-26867"
    },
    {
      "name": "CVE-2020-26869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-26869"
    }
  ],
  "links": [
    {
      "title": "Avis CERT-FR CERTFR-2020-AVI-685 du 05 octobre 2020",
      "url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2020-AVI-685/"
    }
  ],
  "reference": "CERTFR-2021-AVI-591",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-08-03T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans ARC Informatique\nPcVue. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es. Un avis avait d\u00e9j\u00e0 fait\nl\u0027objet d\u0027une r\u00e9daction sur le site du CERT-FR. Il est disponible \u00e0\nl\u0027adresse suivante :\n\u003c/avis/CERTFR-2020-AVI-685/\u003e.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans ARC Informatique PcVue",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 ARC Informatique du 02 ao\u00fbt 2021",
      "url": "https://www.pcvuesolutions.com/france/index.php/support/ressources/alertes-de-securite"
    }
  ]
}

CERTFR-2021-AVI-591

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	PcVue 15.x versions antérieures à 15.1.2
N/A	N/A	PcVue 11.x versions antérieures à 11.2.06100
N/A	N/A	PcVue 12.x versions antérieures à 12.0.23

References

Title

Publication Time

Tags

Bulletin de sécurité ARC Informatique du 02 août 2021	None	vendor-advisory
Avis CERT-FR CERTFR-2020-AVI-685 du 05 octobre 2020	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "PcVue 15.x versions ant\u00e9rieures \u00e0 15.1.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "PcVue 11.x versions ant\u00e9rieures \u00e0 11.2.06100",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "PcVue 12.x versions ant\u00e9rieures \u00e0 12.0.23",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-26868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-26868"
    },
    {
      "name": "CVE-2020-26867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-26867"
    },
    {
      "name": "CVE-2020-26869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-26869"
    }
  ],
  "links": [
    {
      "title": "Avis CERT-FR CERTFR-2020-AVI-685 du 05 octobre 2020",
      "url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2020-AVI-685/"
    }
  ],
  "reference": "CERTFR-2021-AVI-591",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-08-03T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans ARC Informatique\nPcVue. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es. Un avis avait d\u00e9j\u00e0 fait\nl\u0027objet d\u0027une r\u00e9daction sur le site du CERT-FR. Il est disponible \u00e0\nl\u0027adresse suivante :\n\u003c/avis/CERTFR-2020-AVI-685/\u003e.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans ARC Informatique PcVue",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 ARC Informatique du 02 ao\u00fbt 2021",
      "url": "https://www.pcvuesolutions.com/france/index.php/support/ressources/alertes-de-securite"
    }
  ]
}

CERTFR-2020-AVI-685

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	N/A	N/A	pcVue 11.x versions antérieures à 11.2
	N/A	N/A	pcVue 12.x versions antérieures à 12.0.17

References

Title

Publication Time

Tags

Bulletin de sécurité ARC Informatique du 05 octobre 2020

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "pcVue 11.x versions ant\u00e9rieures \u00e0 11.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "pcVue 12.x versions ant\u00e9rieures \u00e0 12.0.17",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-26868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-26868"
    },
    {
      "name": "CVE-2020-26867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-26867"
    },
    {
      "name": "CVE-2020-26869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-26869"
    }
  ],
  "links": [],
  "reference": "CERTFR-2020-AVI-685",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-10-28T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans ARC Informatique\npcVue. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans ARC Informatique pcVue",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 ARC Informatique du 05 octobre 2020",
      "url": "https://www.pcvuesolutions.com/france/index.php/support/ressources/alertes-de-securite"
    }
  ]
}

GHSA-7X49-VPW9-2VMR

Vulnerability from github – Published: 2022-05-24 17:30 – Updated: 2022-10-19 19:00

Details

A Remote Code Execution vulnerability exists in PcVue from version 8.10 onward, due to the unsafe deserialization of messages received on the interface.

Severity ?

9.8 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2020-26867"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-10-12T14:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "A Remote Code Execution vulnerability exists in PcVue from version 8.10 onward, due to the unsafe deserialization of messages received on the interface.",
  "id": "GHSA-7x49-vpw9-2vmr",
  "modified": "2022-10-19T19:00:20Z",
  "published": "2022-05-24T17:30:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26867"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2020/10/09/klcert-20-015-remote-code-execution-in-arc-informatique-pcvue"
    },
    {
      "type": "WEB",
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03"
    },
    {
      "type": "WEB",
      "url": "https://www.pcvuesolutions.com/index.php/support-a-services/resources/security-alerts-95138"
    },
    {
      "type": "WEB",
      "url": "https://www.pcvuesolutions.com/security"
    },
    {
      "type": "WEB",
      "url": "https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1076-security-bulletin-2020-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

ICSA-20-308-03

Vulnerability from csaf_cisa - Published: 2020-11-03 00:00 - Updated: 2021-01-05 00:00

Summary

ARC Informatique PcVue (Update A)

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, expose sensitive data, and prevent legitimate users from connecting to PcVue services.

Critical infrastructure sectors

Multiple Sectors

Countries/areas deployed

Worldwide

Company headquarters location

France

Recommended Practices

CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:

Recommended Practices

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies. Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.

Exploitability

No known public exploits specifically target these vulnerabilities.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Sergey Temnikov",
          "Andrey Muravitsky"
        ],
        "organization": "Kaspersky Lab",
        "summary": "reporting these vulnerabilities to ARC Informatique"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, expose sensitive data, and prevent legitimate users from connecting to PcVue services.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Multiple Sectors",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "France",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target these vulnerabilities.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-20-308-03 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2020/icsa-20-308-03.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-20-308-03 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-20-308-03"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B"
      }
    ],
    "title": "ARC Informatique PcVue (Update A)",
    "tracking": {
      "current_release_date": "2021-01-05T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-20-308-03",
      "initial_release_date": "2020-11-03T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2020-11-03T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-20-308-03 ARC Informatique PcVue"
        },
        {
          "date": "2021-01-05T00:00:00.000000Z",
          "legacy_version": "A",
          "number": "2",
          "summary": "ICSA-20-308-03 ARC Informatique PcVue (Update A)"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e= 8.10 | \u003c 12.0.17",
                "product": {
                  "name": "PcVue: Versions 8.10 to versions prior to 12.0.17",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "PcVue"
          }
        ],
        "category": "vendor",
        "name": "ARC Informatique"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-26867",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected product is vulnerable due to the deserialization of untrusted data, which may allow an attacker to remotely execute arbitrary code on the web and mobile back-end server.CVE-2020-26867 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26867"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "ARC Informatique recommends upgrading PcVue to v12.0.17. Contact PcVue Support to receive instructions on downloading and installing the latest software version.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.pcvuesolutions.com/index.php/support-request-en?view=form"
        },
        {
          "category": "mitigation",
          "details": "Patches are available for Version 12 (12.0.17 Maintenance Release) and Version 11.2 (11.2.06097 Update).",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Uninstall the web and mobile backend. Users not using the affected components should uninstall them. If the components are not required, do not install them.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Harden firewall configuration by ensuring that incoming connections on the corresponding port are authorized only if initiated by the IIS Web Server process. The listening port is configurable (default 8090) and may have been changed on the system using the Application Explorer.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "For more information on this issue, please see Security Bulletin 2020-1 on the ARC Informatique security page.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.pcvuesolutions.com/security/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2020-26868",
      "cwe": {
        "id": "CWE-767",
        "name": "Access to Critical Private Variable via Public Method"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected product is vulnerable to a denial-of-service attack due to the ability of an unauthorized user to modify information used to validate messages sent by legitimate web clients. This issue also affects third-party systems based on the Web Services Toolkit.CVE-2020-26868 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26868"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "ARC Informatique recommends upgrading PcVue to v12.0.17. Contact PcVue Support to receive instructions on downloading and installing the latest software version.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.pcvuesolutions.com/index.php/support-request-en?view=form"
        },
        {
          "category": "mitigation",
          "details": "Patches are available for Version 12 (12.0.17 Maintenance Release) and Version 11.2 (11.2.06097 Update).",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Uninstall the web and mobile backend. Users not using the affected components should uninstall them. If the components are not required, do not install them.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Harden firewall configuration by ensuring that incoming connections on the corresponding port are authorized only if initiated by the IIS Web Server process. The listening port is configurable (default 8090) and may have been changed on the system using the Application Explorer.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "For more information on this issue, please see Security Bulletin 2020-1 on the ARC Informatique security page.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.pcvuesolutions.com/security/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2020-26869",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected product is vulnerable to information exposure, allowing unauthorized users to access session data of legitimate users. This issue also affects third-party systems based on the Web Services Toolkit.CVE-2020-26869 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26869"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "ARC Informatique recommends upgrading PcVue to v12.0.17. Contact PcVue Support to receive instructions on downloading and installing the latest software version.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.pcvuesolutions.com/index.php/support-request-en?view=form"
        },
        {
          "category": "mitigation",
          "details": "Patches are available for Version 12 (12.0.17 Maintenance Release) and Version 11.2 (11.2.06097 Update).",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Uninstall the web and mobile backend. Users not using the affected components should uninstall them. If the components are not required, do not install them.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Harden firewall configuration by ensuring that incoming connections on the corresponding port are authorized only if initiated by the IIS Web Server process. The listening port is configurable (default 8090) and may have been changed on the system using the Application Explorer.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "For more information on this issue, please see Security Bulletin 2020-1 on the ARC Informatique security page.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.pcvuesolutions.com/security/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    }
  ]
}

GSD-2020-26867

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2020-26867

Aliases

CVE-2020-26867

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-26867",
    "description": "ARC Informatique PcVue prior to version 12.0.17 is vulnerable due to the deserialization of untrusted data, which may allow an attacker to remotely execute arbitrary code on the web and mobile back-end server.",
    "id": "GSD-2020-26867"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-26867"
      ],
      "details": "ARC Informatique PcVue prior to version 12.0.17 is vulnerable due to the deserialization of untrusted data, which may allow an attacker to remotely execute arbitrary code on the web and mobile back-end server.",
      "id": "GSD-2020-26867",
      "modified": "2023-12-13T01:22:09.196096Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "vulnerability@kaspersky.com",
        "DATE_PUBLIC": "2020-11-03T00:00:00.000Z",
        "ID": "CVE-2020-26867",
        "STATE": "PUBLIC",
        "TITLE": "ARC Informatique PcVue Deserialization of Untrusted Data"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "PcVue",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c=",
                          "version_value": "12.0.17"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "ARC Informatique"
            }
          ]
        }
      },
      "credit": [
        {
          "lang": "eng",
          "value": "Sergey Temnikov and Andrey Muravitsky of Kaspersky Lab reported these vulnerabilities to ARC Informatique."
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "ARC Informatique PcVue prior to version 12.0.17 is vulnerable due to the deserialization of untrusted data, which may allow an attacker to remotely execute arbitrary code on the web and mobile back-end server."
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-502: Deserialization of Untrusted Data"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03",
            "refsource": "MISC",
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03"
          },
          {
            "name": "https://www.pcvuesolutions.com/security",
            "refsource": "CONFIRM",
            "url": "https://www.pcvuesolutions.com/security"
          },
          {
            "name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2020/10/09/klcert-20-015-remote-code-execution-in-arc-informatique-pcvue/",
            "refsource": "CONFIRM",
            "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2020/10/09/klcert-20-015-remote-code-execution-in-arc-informatique-pcvue/"
          },
          {
            "name": "https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1076-security-bulletin-2020-1",
            "refsource": "CONFIRM",
            "url": "https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1076-security-bulletin-2020-1"
          },
          {
            "name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03",
            "refsource": "CONFIRM",
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03"
          }
        ]
      },
      "solution": [
        {
          "lang": "eng",
          "value": "ARC Informatique recommends upgrading PcVue to v12.0.17. Contact PcVue Support to receive instructions on downloading and installing the latest software version."
        }
      ],
      "source": {
        "advisory": "ICSA-20-308-03",
        "discovery": "UNKNOWN"
      },
      "work_around": [
        {
          "lang": "eng",
          "value": "The following mitigations and workarounds have been identified by ARC Informatique to help reduce risk:\n\nUninstall the web and mobile backend. Users not using the affected components should uninstall them. If the components are not required, do not install them.\nChange default configuration if using components prior to v12.0. If taking advantage of the web and mobile back features with a product version up to v11.2, change the following configuration item manually to prevent remote code execution\nIn the file \u003cPcVue installation directory\u003e\\Bin\\PropertyServer.config\u003e, change the following element and set it to \u201cLow\u201d (defaults to \u201cFull\u201d):\n                   \u003cserverProviders\u003e\n                                            \u003cformatter ref=\u201dbinary\u201d typeFilterLevel=\u201dLow\u201d /\u003e\n                   \u003c/serverProviders\u003e\n\n \nThis workaround cannot be applied to PcVue v12.0\nHarden firewall configuration by ensuring that incoming connections on the corresponding port are authorized only if initiated by the IIS Web Server process. The listening port is configurable (default 8090) and may have been changed on the system using the Application Explorer."
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:pcvuesolutions:pcvue:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "12.0.17",
                "versionStartIncluding": "8.10",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "vulnerability@kaspersky.com",
          "ID": "CVE-2020-26867"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "ARC Informatique PcVue prior to version 12.0.17 is vulnerable due to the deserialization of untrusted data, which may allow an attacker to remotely execute arbitrary code on the web and mobile back-end server."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-502"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03"
            },
            {
              "name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2020/10/09/klcert-20-015-remote-code-execution-in-arc-informatique-pcvue/",
              "refsource": "CONFIRM",
              "tags": [
                "Broken Link"
              ],
              "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2020/10/09/klcert-20-015-remote-code-execution-in-arc-informatique-pcvue/"
            },
            {
              "name": "https://www.pcvuesolutions.com/security",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.pcvuesolutions.com/security"
            },
            {
              "name": "https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1076-security-bulletin-2020-1",
              "refsource": "CONFIRM",
              "tags": [
                "Permissions Required",
                "Vendor Advisory"
              ],
              "url": "https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1076-security-bulletin-2020-1"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2022-10-19T17:26Z",
      "publishedDate": "2020-10-12T14:15Z"
    }
  }
}

VAR-202010-0506

Vulnerability from variot - Updated: 2023-12-18 12:16

ARC Informatique PcVue prior to version 12.0.17 is vulnerable due to the deserialization of untrusted data, which may allow an attacker to remotely execute arbitrary code on the web and mobile back-end server. ARC Informatique PcVue There is a vulnerability in deserialization of untrusted data.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Pcvue is a multifunctional HMI-SCADA software of ARC Informatique, an integrated solution that can monitor all aspects of customer assets. PcVue is widely used in industrial control, building management, energy management, smart grid, energy distribution, substation automation, security/fire protection systems, public facilities, material handling, transportation, renewable energy, and infrastructure.

PcVue 8.10 and later versions have a remote code execution vulnerability. The vulnerability stems from a remote code execution vulnerability due to the unsafe deserialization of messages received on the interface. Attackers can use this vulnerability to execute code

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202010-0506",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "pcvue",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "pcvuesolutions",
        "version": "8.10"
      },
      {
        "model": "pcvue",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "pcvuesolutions",
        "version": "12.0.17"
      },
      {
        "model": "pcvue",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "arc informatique",
        "version": null
      },
      {
        "model": "pcvue",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "arc informatique",
        "version": "12.0.17  less than"
      },
      {
        "model": "informatique pcvue",
        "scope": "gte",
        "trust": 0.6,
        "vendor": "arc",
        "version": "8.10"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-57822"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-012253"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-26867"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:pcvuesolutions:pcvue:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "12.0.17",
                "versionStartIncluding": "8.10",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-26867"
      }
    ]
  },
  "cve": "CVE-2020-26867",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 7.5,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2020-26867",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2020-57822",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "OTHER",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "JVNDB-2020-012253",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2020-26867",
            "trust": 1.8,
            "value": "CRITICAL"
          },
          {
            "author": "vulnerability@kaspersky.com",
            "id": "CVE-2020-26867",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2020-57822",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202010-437",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULMON",
            "id": "CVE-2020-26867",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-57822"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-26867"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-012253"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-26867"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-26867"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202010-437"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "ARC Informatique PcVue prior to version 12.0.17 is vulnerable due to the deserialization of untrusted data, which may allow an attacker to remotely execute arbitrary code on the web and mobile back-end server. ARC Informatique PcVue There is a vulnerability in deserialization of untrusted data.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Pcvue is a multifunctional HMI-SCADA software of ARC Informatique, an integrated solution that can monitor all aspects of customer assets. PcVue is widely used in industrial control, building management, energy management, smart grid, energy distribution, substation automation, security/fire protection systems, public facilities, material handling, transportation, renewable energy, and infrastructure. \n\r\n\r\nPcVue 8.10 and later versions have a remote code execution vulnerability. The vulnerability stems from a remote code execution vulnerability due to the unsafe deserialization of messages received on the interface. Attackers can use this vulnerability to execute code",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-26867"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-012253"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-57822"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-26867"
      }
    ],
    "trust": 2.25
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-26867",
        "trust": 3.1
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-20-308-03",
        "trust": 2.4
      },
      {
        "db": "JVN",
        "id": "JVNVU95679259",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-012253",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-57822",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.3796",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202010-437",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-26867",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-57822"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-26867"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-012253"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-26867"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202010-437"
      }
    ]
  },
  "id": "VAR-202010-0506",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-57822"
      }
    ],
    "trust": 1.56875
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-57822"
      }
    ]
  },
  "last_update_date": "2023-12-18T12:16:49.505000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Security\u00a0Alerts",
        "trust": 0.8,
        "url": "https://www.pcvuesolutions.com/security"
      },
      {
        "title": "Patch for ARC Informatique PcVue remote code execution vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/236968"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-57822"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-012253"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-502",
        "trust": 1.0
      },
      {
        "problemtype": "Deserialization of untrusted data (CWE-502) [NVD Evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-012253"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-26867"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.0,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03"
      },
      {
        "trust": 2.5,
        "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2020/10/09/klcert-20-015-remote-code-execution-in-arc-informatique-pcvue/"
      },
      {
        "trust": 2.0,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-26867"
      },
      {
        "trust": 1.6,
        "url": "https://www.pcvuesolutions.com/security"
      },
      {
        "trust": 1.6,
        "url": "https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1076-security-bulletin-2020-1"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu95679259/index.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.pcvuesolutions.com/index.php/support-a-services/resources/security-alerts-95138"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.3796/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/502.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-57822"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-26867"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-012253"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-26867"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202010-437"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-57822"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-26867"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-012253"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-26867"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202010-437"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-10-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-57822"
      },
      {
        "date": "2020-10-12T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-26867"
      },
      {
        "date": "2021-04-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-012253"
      },
      {
        "date": "2020-10-12T14:15:12.260000",
        "db": "NVD",
        "id": "CVE-2020-26867"
      },
      {
        "date": "2020-10-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202010-437"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-10-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-57822"
      },
      {
        "date": "2020-12-18T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-26867"
      },
      {
        "date": "2021-04-27T09:05:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-012253"
      },
      {
        "date": "2022-10-19T17:26:39.293000",
        "db": "NVD",
        "id": "CVE-2020-26867"
      },
      {
        "date": "2020-12-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202010-437"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202010-437"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "ARC\u00a0Informatique\u00a0PcVue\u00a0 Untrusted Data Deserialization Vulnerability in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-012253"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "code problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202010-437"
      }
    ],
    "trust": 0.6
  }
}

FKIE_CVE-2020-26867

Vulnerability from fkie_nvd - Published: 2020-10-12 14:15 - Updated: 2024-11-21 05:20

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
vulnerability@kaspersky.com	https://ics-cert.kaspersky.com/advisories/klcert-advisories/2020/10/09/klcert-20-015-remote-code-execution-in-arc-informatique-pcvue/	Broken Link
vulnerability@kaspersky.com	https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03	Third Party Advisory, US Government Resource
vulnerability@kaspersky.com	https://www.pcvuesolutions.com/security	Vendor Advisory
vulnerability@kaspersky.com	https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1076-security-bulletin-2020-1	Permissions Required, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://ics-cert.kaspersky.com/advisories/klcert-advisories/2020/10/09/klcert-20-015-remote-code-execution-in-arc-informatique-pcvue/	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://www.pcvuesolutions.com/security	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1076-security-bulletin-2020-1	Permissions Required, Vendor Advisory

Impacted products

	Vendor	Product	Version
	pcvuesolutions	pcvue	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:pcvuesolutions:pcvue:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF882021-E262-4139-AF33-87FE5A6C3E1D",
              "versionEndExcluding": "12.0.17",
              "versionStartIncluding": "8.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "ARC Informatique PcVue prior to version 12.0.17 is vulnerable due to the deserialization of untrusted data, which may allow an attacker to remotely execute arbitrary code on the web and mobile back-end server."
    },
    {
      "lang": "es",
      "value": "ARC Informatique PcVue anterior a la versi\u00f3n 12.0.17 es vulnerable debido a la deserializaci\u00f3n de datos no confiables, lo que puede permitir a un atacante ejecutar remotamente un c\u00f3digo arbitrario en la web y en el servidor de back-end m\u00f3vil"
    }
  ],
  "id": "CVE-2020-26867",
  "lastModified": "2024-11-21T05:20:23.010",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "vulnerability@kaspersky.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-12T14:15:12.260",
  "references": [
    {
      "source": "vulnerability@kaspersky.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2020/10/09/klcert-20-015-remote-code-execution-in-arc-informatique-pcvue/"
    },
    {
      "source": "vulnerability@kaspersky.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03"
    },
    {
      "source": "vulnerability@kaspersky.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.pcvuesolutions.com/security"
    },
    {
      "source": "vulnerability@kaspersky.com",
      "tags": [
        "Permissions Required",
        "Vendor Advisory"
      ],
      "url": "https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1076-security-bulletin-2020-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2020/10/09/klcert-20-015-remote-code-execution-in-arc-informatique-pcvue/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.pcvuesolutions.com/security"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Vendor Advisory"
      ],
      "url": "https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1076-security-bulletin-2020-1"
    }
  ],
  "sourceIdentifier": "vulnerability@kaspersky.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-502"
        }
      ],
      "source": "vulnerability@kaspersky.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-502"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2020-26867 (GCVE-0-2020-26867)

Solution

Solution

Solution

Solution

Tags

Sightings

Nomenclature