cvelistv5 - cve-2021-22795

CVE-2021-22795 (GCVE-0-2021-22795)

Vulnerability from cvelistv5 – Published: 2022-03-28 16:25 – Updated: 2024-08-03 18:51

Summary

A CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause remote code execution when performed over the network. Affected Product: StruxureWare Data Center Expert (V7.8.1 and prior)

Severity ?

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-78 - OS Command Injection

Assigner

schneider

References

URL

Tags

https://www.se.com/ww/en/download/document/SEVD-2…

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Schneider Electric	StruxureWare Data Center Expert	Affected: unspecified , < V7.8.1 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:51:07.444Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.se.com/ww/en/download/document/SEVD-2021-257-03/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "StruxureWare Data Center Expert",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "lessThan": "V7.8.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027) vulnerability exists that could cause remote code execution when performed over the network. Affected Product: StruxureWare Data Center Expert (V7.8.1 and prior)"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 OS Command Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-03-28T16:25:23",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2021-257-03/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2021-22795",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "StruxureWare Data Center Expert",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "V7.8.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Schneider Electric"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027) vulnerability exists that could cause remote code execution when performed over the network. Affected Product: StruxureWare Data Center Expert (V7.8.1 and prior)"
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78 OS Command Injection"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.se.com/ww/en/download/document/SEVD-2021-257-03/",
              "refsource": "MISC",
              "url": "https://www.se.com/ww/en/download/document/SEVD-2021-257-03/"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2021-22795",
    "datePublished": "2022-03-28T16:25:23",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-08-03T18:51:07.444Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"7.8.1\", \"matchCriteriaId\": \"D7773EA4-29BE-4527-A5E6-5271C15D8F60\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027) vulnerability exists that could cause remote code execution when performed over the network. Affected Product: StruxureWare Data Center Expert (V7.8.1 and prior)\"}, {\"lang\": \"es\", \"value\": \"Una CWE-78: Se presenta una vulnerabilidad de Neutralizaci\\u00f3n Inapropiada de Elementos Especiales Usados en un Comando del Sistema Operativo (\\\" Inyecci\\u00f3n de Comandos del Sistema Operativo\\\") que podr\\u00eda causar una ejecuci\\u00f3n de c\\u00f3digo remota cuando es llevado a cabo a trav\\u00e9s de la red. Producto afectado: StruxureWare Data Center Expert (versiones V7.8.1 y anteriores)\"}]",
      "id": "CVE-2021-22795",
      "lastModified": "2024-11-21T05:50:41.180",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"cybersecurity@se.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 9.1, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.3, \"impactScore\": 6.0}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2022-04-13T16:15:09.313",
      "references": "[{\"url\": \"https://www.se.com/ww/en/download/document/SEVD-2021-257-03/\", \"source\": \"cybersecurity@se.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.se.com/ww/en/download/document/SEVD-2021-257-03/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "cybersecurity@se.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"cybersecurity@se.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-78\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-22795\",\"sourceIdentifier\":\"cybersecurity@se.com\",\"published\":\"2022-04-13T16:15:09.313\",\"lastModified\":\"2024-11-21T05:50:41.180\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027) vulnerability exists that could cause remote code execution when performed over the network. Affected Product: StruxureWare Data Center Expert (V7.8.1 and prior)\"},{\"lang\":\"es\",\"value\":\"Una CWE-78: Se presenta una vulnerabilidad de Neutralizaci\u00f3n Inapropiada de Elementos Especiales Usados en un Comando del Sistema Operativo (\\\" Inyecci\u00f3n de Comandos del Sistema Operativo\\\") que podr\u00eda causar una ejecuci\u00f3n de c\u00f3digo remota cuando es llevado a cabo a trav\u00e9s de la red. Producto afectado: StruxureWare Data Center Expert (versiones V7.8.1 y anteriores)\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cybersecurity@se.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.3,\"impactScore\":6.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cybersecurity@se.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.8.1\",\"matchCriteriaId\":\"D7773EA4-29BE-4527-A5E6-5271C15D8F60\"}]}]}],\"references\":[{\"url\":\"https://www.se.com/ww/en/download/document/SEVD-2021-257-03/\",\"source\":\"cybersecurity@se.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.se.com/ww/en/download/document/SEVD-2021-257-03/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

GSD-2021-22795

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2021-22795

Aliases

CVE-2021-22795

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-22795",
    "description": "A CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027) vulnerability exists that could cause remote code execution when performed over the network. Affected Product: StruxureWare Data Center Expert (V7.8.1 and prior)",
    "id": "GSD-2021-22795"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-22795"
      ],
      "details": "A CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027) vulnerability exists that could cause remote code execution when performed over the network. Affected Product: StruxureWare Data Center Expert (V7.8.1 and prior)",
      "id": "GSD-2021-22795",
      "modified": "2023-12-13T01:23:24.460739Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cybersecurity@schneider-electric.com",
        "ID": "CVE-2021-22795",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "StruxureWare Data Center Expert",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_value": "V7.8.1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Schneider Electric"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027) vulnerability exists that could cause remote code execution when performed over the network. Affected Product: StruxureWare Data Center Expert (V7.8.1 and prior)"
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-78 OS Command Injection"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.se.com/ww/en/download/document/SEVD-2021-257-03/",
            "refsource": "MISC",
            "url": "https://www.se.com/ww/en/download/document/SEVD-2021-257-03/"
          }
        ]
      },
      "source": {
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.8.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2021-22795"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027) vulnerability exists that could cause remote code execution when performed over the network. Affected Product: StruxureWare Data Center Expert (V7.8.1 and prior)"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-78"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.se.com/ww/en/download/document/SEVD-2021-257-03/",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.se.com/ww/en/download/document/SEVD-2021-257-03/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2022-04-20T19:30Z",
      "publishedDate": "2022-04-13T16:15Z"
    }
  }
}

CERTFR-2021-AVI-705

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Schneider. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Schneider Electric	N/A	Modicon Premium processors with integrated Ethernet COPRO: TSXP574634, TSXP575634, TSXP576634 toutes versions
N/A	N/A	Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 toutes versions
Schneider Electric	N/A	EGX150/Link150 Ethernet Gateway versions antérieures à v5.1.24
Schneider Electric	Modicon M340	Modicon M340 Ethernet Communication modules BMXNOE0100 et BMXNOE0110 (H) toutes versions
Schneider Electric	N/A	Modicon Quantum processors with integrated Ethernet COPRO 140CPU65xxxxx toutes versions
Schneider Electric	N/A	Conext™ ComBox toutes versions
Schneider Electric	Modicon M340	Modicon M340 X80 Ethernet Communication modules BMXNOR0200H RTU versions antérieures à v1.70 IR23
Schneider Electric	Modicon M340	Modicon M340 CPU BMXP34 versions antérieures à v3.40
Schneider Electric	N/A	Acti9 Smartlink SI D toutes versions
Schneider Electric	Modicon M340	Modicon M340 Ethernet TCP/IP network module BMXNOC0401 toutes versions
Schneider Electric	N/A	StruxureWare Data Center Expert versions antérieures à v7.8.1
Schneider Electric	N/A	Modicon Quantum Communication Modules: 140NOC78x00, 140NOC77101, 140NOE771x1 toutes versions

References

Title

Publication Time

Tags

Bulletin de sécurité Schneider SEVD-2021-257-03 du 14 septembre 2021	None	vendor-advisory
Bulletin de sécurité Schneider SEVD-2021-257-01 du 14 septembre 2021	None	vendor-advisory
Bulletin de sécurité Schneider SEVD-2020-353-01 du 14 septembre 2021	None	vendor-advisory
Bulletin de sécurité Schneider SEVD-2021-257-02 du 14 septembre 2021	None	vendor-advisory
Bulletin de sécurité Schneider SEVD-2021-257-04 du 14 septembre 2021	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Modicon Premium processors with integrated Ethernet COPRO: TSXP574634, TSXP575634, TSXP576634 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "EGX150/Link150 Ethernet Gateway versions ant\u00e9rieures \u00e0 v5.1.24",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Modicon M340 Ethernet Communication modules BMXNOE0100 et BMXNOE0110 (H) toutes versions",
      "product": {
        "name": "Modicon M340",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Modicon Quantum processors with integrated Ethernet COPRO 140CPU65xxxxx toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Conext\u2122 ComBox toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Modicon M340 X80 Ethernet Communication modules BMXNOR0200H RTU versions ant\u00e9rieures \u00e0 v1.70 IR23",
      "product": {
        "name": "Modicon M340",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Modicon M340 CPU BMXP34 versions ant\u00e9rieures \u00e0 v3.40",
      "product": {
        "name": "Modicon M340",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Acti9 Smartlink SI D toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Modicon M340 Ethernet TCP/IP network module BMXNOC0401 toutes versions",
      "product": {
        "name": "Modicon M340",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "StruxureWare Data Center Expert versions ant\u00e9rieures \u00e0 v7.8.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Modicon Quantum Communication Modules: 140NOC78x00, 140NOC77101, 140NOE771x1 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-22795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22795"
    },
    {
      "name": "CVE-2020-27336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27336"
    },
    {
      "name": "CVE-2021-22797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22797"
    },
    {
      "name": "CVE-2020-27337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27337"
    },
    {
      "name": "CVE-2021-22794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22794"
    },
    {
      "name": "CVE-2020-27338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27338"
    },
    {
      "name": "CVE-2021-22788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22788"
    },
    {
      "name": "CVE-2021-22798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22798"
    },
    {
      "name": "CVE-2021-22787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22787"
    },
    {
      "name": "CVE-2021-22785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22785"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-AVI-705",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-09-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-257-03 du 14 septembre 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-03"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-257-01 du 14 septembre 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-01"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2020-353-01 du 14 septembre 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2020-353-01"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-257-02 du 14 septembre 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-257-04 du 14 septembre 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-04"
    }
  ]
}

CERTFR-2021-AVI-705

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Schneider Electric	N/A	Modicon Premium processors with integrated Ethernet COPRO: TSXP574634, TSXP575634, TSXP576634 toutes versions
N/A	N/A	Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 toutes versions
Schneider Electric	N/A	EGX150/Link150 Ethernet Gateway versions antérieures à v5.1.24
Schneider Electric	Modicon M340	Modicon M340 Ethernet Communication modules BMXNOE0100 et BMXNOE0110 (H) toutes versions
Schneider Electric	N/A	Modicon Quantum processors with integrated Ethernet COPRO 140CPU65xxxxx toutes versions
Schneider Electric	N/A	Conext™ ComBox toutes versions
Schneider Electric	Modicon M340	Modicon M340 X80 Ethernet Communication modules BMXNOR0200H RTU versions antérieures à v1.70 IR23
Schneider Electric	Modicon M340	Modicon M340 CPU BMXP34 versions antérieures à v3.40
Schneider Electric	N/A	Acti9 Smartlink SI D toutes versions
Schneider Electric	Modicon M340	Modicon M340 Ethernet TCP/IP network module BMXNOC0401 toutes versions
Schneider Electric	N/A	StruxureWare Data Center Expert versions antérieures à v7.8.1
Schneider Electric	N/A	Modicon Quantum Communication Modules: 140NOC78x00, 140NOC77101, 140NOE771x1 toutes versions

References

Title

Publication Time

Tags

Bulletin de sécurité Schneider SEVD-2021-257-03 du 14 septembre 2021	None	vendor-advisory
Bulletin de sécurité Schneider SEVD-2021-257-01 du 14 septembre 2021	None	vendor-advisory
Bulletin de sécurité Schneider SEVD-2020-353-01 du 14 septembre 2021	None	vendor-advisory
Bulletin de sécurité Schneider SEVD-2021-257-02 du 14 septembre 2021	None	vendor-advisory
Bulletin de sécurité Schneider SEVD-2021-257-04 du 14 septembre 2021	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Modicon Premium processors with integrated Ethernet COPRO: TSXP574634, TSXP575634, TSXP576634 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "EGX150/Link150 Ethernet Gateway versions ant\u00e9rieures \u00e0 v5.1.24",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Modicon M340 Ethernet Communication modules BMXNOE0100 et BMXNOE0110 (H) toutes versions",
      "product": {
        "name": "Modicon M340",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Modicon Quantum processors with integrated Ethernet COPRO 140CPU65xxxxx toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Conext\u2122 ComBox toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Modicon M340 X80 Ethernet Communication modules BMXNOR0200H RTU versions ant\u00e9rieures \u00e0 v1.70 IR23",
      "product": {
        "name": "Modicon M340",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Modicon M340 CPU BMXP34 versions ant\u00e9rieures \u00e0 v3.40",
      "product": {
        "name": "Modicon M340",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Acti9 Smartlink SI D toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Modicon M340 Ethernet TCP/IP network module BMXNOC0401 toutes versions",
      "product": {
        "name": "Modicon M340",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "StruxureWare Data Center Expert versions ant\u00e9rieures \u00e0 v7.8.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Modicon Quantum Communication Modules: 140NOC78x00, 140NOC77101, 140NOE771x1 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-22795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22795"
    },
    {
      "name": "CVE-2020-27336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27336"
    },
    {
      "name": "CVE-2021-22797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22797"
    },
    {
      "name": "CVE-2020-27337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27337"
    },
    {
      "name": "CVE-2021-22794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22794"
    },
    {
      "name": "CVE-2020-27338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27338"
    },
    {
      "name": "CVE-2021-22788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22788"
    },
    {
      "name": "CVE-2021-22798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22798"
    },
    {
      "name": "CVE-2021-22787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22787"
    },
    {
      "name": "CVE-2021-22785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22785"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-AVI-705",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-09-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-257-03 du 14 septembre 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-03"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-257-01 du 14 septembre 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-01"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2020-353-01 du 14 septembre 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2020-353-01"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-257-02 du 14 septembre 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-257-04 du 14 septembre 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-04"
    }
  ]
}

VAR-202109-1929

Vulnerability from variot - Updated: 2021-12-18 15:40

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric Struxureware Data Center Expert. Authentication is required to exploit this vulnerability.The specific flaw exists within the testRepository method. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202109-1929",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "struxureware data center expert",
        "scope": null,
        "trust": 0.7,
        "vendor": "schneider electric",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-21-1072"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "David Yesland",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202109-989"
      },
      {
        "db": "ZDI",
        "id": "ZDI-21-1072"
      }
    ],
    "trust": 1.3
  },
  "cve": "CVE-2021-22795",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "ZDI",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "id": "CVE-2021-22795",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 0.7,
            "userInteraction": "NONE",
            "vectorString": "AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "ZDI",
            "id": "CVE-2021-22795",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202109-989",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202109-989"
      },
      {
        "db": "ZDI",
        "id": "ZDI-21-1072"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric Struxureware Data Center Expert. Authentication is required to exploit this vulnerability.The specific flaw exists within the testRepository method. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-21-1072"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-22795"
      }
    ],
    "trust": 0.72
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-22795",
        "trust": 1.4
      },
      {
        "db": "ZDI",
        "id": "ZDI-21-1072",
        "trust": 1.4
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-13553",
        "trust": 0.7
      },
      {
        "db": "MCAFEE",
        "id": "SB20210",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.3095",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-257-03",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202109-989",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-22795",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202109-989"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-22795"
      },
      {
        "db": "ZDI",
        "id": "ZDI-21-1072"
      }
    ]
  },
  "id": "VAR-202109-1929",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.1196509
  },
  "last_update_date": "2021-12-18T15:40:54.171000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Schneider Electric has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-257-03"
      },
      {
        "title": "Schneider Electric Struxureware Data Center Expert Fixes for operating system command injection vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=162791"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202109-989"
      },
      {
        "db": "ZDI",
        "id": "ZDI-21-1072"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.3,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-257-03"
      },
      {
        "trust": 0.7,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-21-1072/"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021091511"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.3095"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202109-989"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-22795"
      },
      {
        "db": "ZDI",
        "id": "ZDI-21-1072"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202109-989"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-22795"
      },
      {
        "db": "ZDI",
        "id": "ZDI-21-1072"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-09-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202109-989"
      },
      {
        "date": null,
        "db": "VULMON",
        "id": "CVE-2021-22795"
      },
      {
        "date": "2021-09-15T00:00:00",
        "db": "ZDI",
        "id": "ZDI-21-1072"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-09-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202109-989"
      },
      {
        "date": null,
        "db": "VULMON",
        "id": "CVE-2021-22795"
      },
      {
        "date": "2021-09-15T00:00:00",
        "db": "ZDI",
        "id": "ZDI-21-1072"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202109-989"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Schneider Electric Struxureware Data Center Expert Command Injection Remote Code Execution Vulnerability",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-21-1072"
      }
    ],
    "trust": 0.7
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "operating system commend injection",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202109-989"
      }
    ],
    "trust": 0.6
  }
}

FKIE_CVE-2021-22795

Vulnerability from fkie_nvd - Published: 2022-04-13 16:15 - Updated: 2024-11-21 05:50

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	cybersecurity@se.com	https://www.se.com/ww/en/download/document/SEVD-2021-257-03/	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.se.com/ww/en/download/document/SEVD-2021-257-03/	Vendor Advisory

Impacted products

	Vendor	Product	Version
	schneider-electric	struxureware_data_center_expert	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7773EA4-29BE-4527-A5E6-5271C15D8F60",
              "versionEndIncluding": "7.8.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027) vulnerability exists that could cause remote code execution when performed over the network. Affected Product: StruxureWare Data Center Expert (V7.8.1 and prior)"
    },
    {
      "lang": "es",
      "value": "Una CWE-78: Se presenta una vulnerabilidad de Neutralizaci\u00f3n Inapropiada de Elementos Especiales Usados en un Comando del Sistema Operativo (\" Inyecci\u00f3n de Comandos del Sistema Operativo\") que podr\u00eda causar una ejecuci\u00f3n de c\u00f3digo remota cuando es llevado a cabo a trav\u00e9s de la red. Producto afectado: StruxureWare Data Center Expert (versiones V7.8.1 y anteriores)"
    }
  ],
  "id": "CVE-2021-22795",
  "lastModified": "2024-11-21T05:50:41.180",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 6.0,
        "source": "cybersecurity@se.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-04-13T16:15:09.313",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2021-257-03/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2021-257-03/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Primary"
    }
  ]
}

GHSA-9PC8-6CRF-R3RV

Vulnerability from github – Published: 2022-04-14 00:00 – Updated: 2022-04-21 00:00

Details

Severity ?

9.8 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-22795"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-78"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-04-13T16:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "A CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027) vulnerability exists that could cause remote code execution when performed over the network. Affected Product: StruxureWare Data Center Expert (V7.8.1 and prior)",
  "id": "GHSA-9pc8-6crf-r3rv",
  "modified": "2022-04-21T00:00:38Z",
  "published": "2022-04-14T00:00:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22795"
    },
    {
      "type": "WEB",
      "url": "https://www.se.com/ww/en/download/document/SEVD-2021-257-03"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

ICSA-21-257-03

Vulnerability from csaf_cisa - Published: 2021-09-14 00:00 - Updated: 2021-09-14 00:00

Summary

Schneider Electric Struxureware Data Center Expert

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

Successful exploitation of these vulnerabilities could allow remote code execution.

Critical infrastructure sectors

Commercial Facilities, Energy, Food and Agriculture, Government Facilities, Transportation Systems, Water and Wastewater Systems

Countries/areas deployed

Worldwide

Company headquarters location

France

Recommended Practices

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies. Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.

Exploitability

No known public exploits specifically target these vulnerabilities.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "David Yesland"
        ],
        "organization": "Trend Micro \u0027s Zero Day Initiative",
        "summary": "reporting these vulnerabilities to Schneider Electric"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of these vulnerabilities could allow remote code execution.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Commercial Facilities, Energy, Food and Agriculture, Government Facilities, Transportation Systems, Water and Wastewater Systems",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "France",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target these vulnerabilities.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-21-257-03 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-257-03.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-21-257-03 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-257-03"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B"
      }
    ],
    "title": "Schneider Electric Struxureware Data Center Expert",
    "tracking": {
      "current_release_date": "2021-09-14T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-21-257-03",
      "initial_release_date": "2021-09-14T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2021-09-14T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-21-257-03 Schneider Electric Struxureware Data Center Expert"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c= 7.8.1",
                "product": {
                  "name": "Struxureware Data Center: Expert Versions 7.8.1 and prior",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "Struxureware Data Center"
          }
        ],
        "category": "vendor",
        "name": "Schneider Electric Software, LLC"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-22795",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected product is vulnerable to an OS command injection, which may allow an attacker to remotely execute code over the network.CVE-2021-22795 has been assigned to this vulnerability. A CVSS v3 base score of 9.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-22795"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Schneider Electric has established a remediation plan for future versions of StruxureWare Data Center Expert to fix these vulnerabilities. Until the fix is released, users should immediately follow the security hardening guidelines found in Schneider Electric\u0027s Data Center Expert Security Handbook to reduce the risk of exploit.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://dcimsupport.ecostruxureit.com/hc/en-us/articles/360039289633-Data-Center-Expert-Security-Handbook"
        },
        {
          "category": "mitigation",
          "details": "Schneider Electric has released security advisory SEVD-2021-257-03 in response to these vulnerabilities.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-03"
        },
        {
          "category": "mitigation",
          "details": "Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Install physical controls so no unauthorized personnel can access industrial control and safety systems, components, peripheral equipment, and networks.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Place all controllers in locked cabinets and never leave them in \u201cProgram\u201d mode.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Limit software updates to only those networks where devices targeted by the software updates reside.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Scan all methods of mobile data exchange with the isolated network (e.g., CDs, USB drives, etc.) before use in the terminals or any node connected to these networks.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Do not allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Minimize network exposure for all control system devices and systems, and ensure they are not accessible from the Internet.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "When remote access is required, use secure methods, such as virtual private networks (VPNs). Recognize VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand VPNs are only as secure as the connected devices.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "For more information, refer to the Schneider Electric Recommended Cybersecurity Best Practices document.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.se.com/us/en/download/document/7EN52-0390/"
        },
        {
          "category": "mitigation",
          "details": "For more details and assistance on how to protect a user\u0027s installation, contact the local Schneider Electric representative or Schneider Electric Industrial Cybersecurity Services.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.se.com/ww/en/work/solutions/cybersecurity/"
        },
        {
          "category": "mitigation",
          "details": "For further information related to cybersecurity in Schneider Electric\u0027s products, visit the company\u0027s cybersecurity support portal page.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.se.com/us/en/work/support/cybersecurity/overview.jsp"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2021-22794",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected product is vulnerable to directory traversal, which may allow an attacker to remotely execute code.CVE-2021-22794 has been assigned to this vulnerability. A CVSS v3 base score of 9.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-22794"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Schneider Electric has established a remediation plan for future versions of StruxureWare Data Center Expert to fix these vulnerabilities. Until the fix is released, users should immediately follow the security hardening guidelines found in Schneider Electric\u0027s Data Center Expert Security Handbook to reduce the risk of exploit.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://dcimsupport.ecostruxureit.com/hc/en-us/articles/360039289633-Data-Center-Expert-Security-Handbook"
        },
        {
          "category": "mitigation",
          "details": "Schneider Electric has released security advisory SEVD-2021-257-03 in response to these vulnerabilities.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-03"
        },
        {
          "category": "mitigation",
          "details": "Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Install physical controls so no unauthorized personnel can access industrial control and safety systems, components, peripheral equipment, and networks.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Place all controllers in locked cabinets and never leave them in \u201cProgram\u201d mode.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Limit software updates to only those networks where devices targeted by the software updates reside.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Scan all methods of mobile data exchange with the isolated network (e.g., CDs, USB drives, etc.) before use in the terminals or any node connected to these networks.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Do not allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Minimize network exposure for all control system devices and systems, and ensure they are not accessible from the Internet.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "When remote access is required, use secure methods, such as virtual private networks (VPNs). Recognize VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand VPNs are only as secure as the connected devices.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "For more information, refer to the Schneider Electric Recommended Cybersecurity Best Practices document.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.se.com/us/en/download/document/7EN52-0390/"
        },
        {
          "category": "mitigation",
          "details": "For more details and assistance on how to protect a user\u0027s installation, contact the local Schneider Electric representative or Schneider Electric Industrial Cybersecurity Services.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.se.com/ww/en/work/solutions/cybersecurity/"
        },
        {
          "category": "mitigation",
          "details": "For further information related to cybersecurity in Schneider Electric\u0027s products, visit the company\u0027s cybersecurity support portal page.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.se.com/us/en/work/support/cybersecurity/overview.jsp"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-22795 (GCVE-0-2021-22795)

GSD-2021-22795

CERTFR-2021-AVI-705

Solution

CERTFR-2021-AVI-705

Solution

VAR-202109-1929

FKIE_CVE-2021-22795

GHSA-9PC8-6CRF-R3RV

ICSA-21-257-03

Tags

Sightings

Nomenclature