cvelistv5 - cve-2021-33841

CVE-2021-33841 (GCVE-0-2021-33841)

Vulnerability from cvelistv5 – Published: 2021-06-09 11:50 – Updated: 2024-09-16 17:59

Summary

SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly, allowing a remote attacker to inject code into the operating system with maximum privileges.

Severity ?

10 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Assigner

INCIBE

References

URL

Tags

https://www.incibe.es/en/incibe-cert/notices/avis…

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Circutor	SGE-PLC1000	Affected: 0.9.2b

Credits

Industrial Cybersecurity team of S21sec, special mention to Aarón Flecha Menéndez.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T23:58:23.191Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/circutor-sge-plc1000-os-command-injection"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "SGE-PLC1000",
          "vendor": "Circutor",
          "versions": [
            {
              "status": "affected",
              "version": "0.9.2b"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Industrial Cybersecurity team of S21sec, special mention to Aar\u00f3n Flecha Men\u00e9ndez."
        }
      ],
      "datePublic": "2021-06-07T22:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly, allowing a remote attacker to inject code into the operating system with maximum privileges."
            }
          ],
          "value": "SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly, allowing a remote attacker to inject code into the operating system with maximum privileges."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-11-22T12:26:06.361Z",
        "orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
        "shortName": "INCIBE"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/circutor-sge-plc1000-os-command-injection"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue can be solved through a firmware upgrade that has already been released by the vendor."
            }
          ],
          "value": "This issue can be solved through a firmware upgrade that has already been released by the vendor."
        }
      ],
      "source": {
        "advisory": "INCIBE-2021-0227",
        "discovery": "EXTERNAL"
      },
      "title": "Circutor SGE-PLC1000 OS command Injection",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve-coordination@incibe.es",
          "DATE_PUBLIC": "2021-06-08T08:00:00.000Z",
          "ID": "CVE-2021-33841",
          "STATE": "PUBLIC",
          "TITLE": "Circutor SGE-PLC1000 OS command Injection"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SGE-PLC1000",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_name": "0.9.2b",
                            "version_value": "0.9.2b"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Circutor"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Industrial Cybersecurity team of S21sec, special mention to Aar\u00f3n Flecha Men\u00e9ndez."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly, allowing a remote attacker to inject code into the operating system with maximum privileges."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.6,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.incibe-cert.es/en/early-warning/ics-advisories/circutor-sge-plc1000-os-command-injection",
              "refsource": "CONFIRM",
              "url": "https://www.incibe-cert.es/en/early-warning/ics-advisories/circutor-sge-plc1000-os-command-injection"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue can be solved through a firmware upgrade that has already been released by the vendor."
          }
        ],
        "source": {
          "advisory": "INCIBE-2021-0227",
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
    "assignerShortName": "INCIBE",
    "cveId": "CVE-2021-33841",
    "datePublished": "2021-06-09T11:50:24.638155Z",
    "dateReserved": "2021-06-04T00:00:00",
    "dateUpdated": "2024-09-16T17:59:08.672Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:circutor:sge-plc1000_firmware:0.9.2b:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5D6B02E0-DE36-45F5-AD3D-908E30548661\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:circutor:sge-plc1000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FFF41215-1018-42DD-9A7E-BBC2E5B4522D\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly, allowing a remote attacker to inject code into the operating system with maximum privileges.\"}, {\"lang\": \"es\", \"value\": \"Un dispositivo SGE-PLC1000, en su versi\\u00f3n de firmware 0.9.2b, no maneja algunas petici\\u00f3nes correctamente, permitiendo a un atacante remoto inyectar c\\u00f3digo en el sistema operativo con m\\u00e1ximos privilegios\"}]",
      "id": "CVE-2021-33841",
      "lastModified": "2024-11-21T06:09:40.470",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"cve-coordination@incibe.es\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 10.0, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 6.0}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2021-06-09T12:15:07.893",
      "references": "[{\"url\": \"https://www.incibe.es/en/incibe-cert/notices/aviso-sci/circutor-sge-plc1000-os-command-injection\", \"source\": \"cve-coordination@incibe.es\"}, {\"url\": \"https://www.incibe.es/en/incibe-cert/notices/aviso-sci/circutor-sge-plc1000-os-command-injection\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve-coordination@incibe.es",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"cve-coordination@incibe.es\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-78\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-78\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-33841\",\"sourceIdentifier\":\"cve-coordination@incibe.es\",\"published\":\"2021-06-09T12:15:07.893\",\"lastModified\":\"2024-11-21T06:09:40.470\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly, allowing a remote attacker to inject code into the operating system with maximum privileges.\"},{\"lang\":\"es\",\"value\":\"Un dispositivo SGE-PLC1000, en su versi\u00f3n de firmware 0.9.2b, no maneja algunas petici\u00f3nes correctamente, permitiendo a un atacante remoto inyectar c\u00f3digo en el sistema operativo con m\u00e1ximos privilegios\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cve-coordination@incibe.es\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":10.0,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":6.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cve-coordination@incibe.es\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:circutor:sge-plc1000_firmware:0.9.2b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D6B02E0-DE36-45F5-AD3D-908E30548661\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:circutor:sge-plc1000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFF41215-1018-42DD-9A7E-BBC2E5B4522D\"}]}]}],\"references\":[{\"url\":\"https://www.incibe.es/en/incibe-cert/notices/aviso-sci/circutor-sge-plc1000-os-command-injection\",\"source\":\"cve-coordination@incibe.es\"},{\"url\":\"https://www.incibe.es/en/incibe-cert/notices/aviso-sci/circutor-sge-plc1000-os-command-injection\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

FKIE_CVE-2021-33841

Vulnerability from fkie_nvd - Published: 2021-06-09 12:15 - Updated: 2024-11-21 06:09

Severity ?

10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly, allowing a remote attacker to inject code into the operating system with maximum privileges.

References

	URL	Tags
	cve-coordination@incibe.es	https://www.incibe.es/en/incibe-cert/notices/aviso-sci/circutor-sge-plc1000-os-command-injection
	af854a3a-2127-422b-91ae-364da2661108	https://www.incibe.es/en/incibe-cert/notices/aviso-sci/circutor-sge-plc1000-os-command-injection

Impacted products

	Vendor	Product	Version
	circutor	sge-plc1000_firmware	0.9.2b
	circutor	sge-plc1000	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:circutor:sge-plc1000_firmware:0.9.2b:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D6B02E0-DE36-45F5-AD3D-908E30548661",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:circutor:sge-plc1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFF41215-1018-42DD-9A7E-BBC2E5B4522D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly, allowing a remote attacker to inject code into the operating system with maximum privileges."
    },
    {
      "lang": "es",
      "value": "Un dispositivo SGE-PLC1000, en su versi\u00f3n de firmware 0.9.2b, no maneja algunas petici\u00f3nes correctamente, permitiendo a un atacante remoto inyectar c\u00f3digo en el sistema operativo con m\u00e1ximos privilegios"
    }
  ],
  "id": "CVE-2021-33841",
  "lastModified": "2024-11-21T06:09:40.470",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 10.0,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.0,
        "source": "cve-coordination@incibe.es",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-06-09T12:15:07.893",
  "references": [
    {
      "source": "cve-coordination@incibe.es",
      "url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/circutor-sge-plc1000-os-command-injection"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/circutor-sge-plc1000-os-command-injection"
    }
  ],
  "sourceIdentifier": "cve-coordination@incibe.es",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "cve-coordination@incibe.es",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-202106-1514

Vulnerability from variot - Updated: 2023-12-18 13:42

SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly, allowing a remote attacker to inject code into the operating system with maximum privileges. SGE-PLC1000 The device has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Circutor SGE-PLC1000 is a smart metering system equipment. The main function is to manage the mains power through CIRWATT meters or other meters using PRIME technology.

There is an operating system command injection vulnerability in the Circutor SGE-PLC1000 0.9.2b firmware version

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202106-1514",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "sge-plc1000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "circutor",
        "version": "0.9.2b"
      },
      {
        "model": "sge-plc1000",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "circutor",
        "version": "sge-plc1000  firmware  0.9.2b"
      },
      {
        "model": "sge-plc1000",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "circutor",
        "version": null
      },
      {
        "model": "sge-plc1000 0.9.2b",
        "scope": null,
        "trust": 0.6,
        "vendor": "circutor",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-61767"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-008129"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-33841"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:circutor:sge-plc1000_firmware:0.9.2b:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:circutor:sge-plc1000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-33841"
      }
    ]
  },
  "cve": "CVE-2021-33841",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 10.0,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2021-33841",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2021-61767",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "cve-coordination@incibe.es",
            "availabilityImpact": "HIGH",
            "baseScore": 10.0,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 6.0,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2021-33841",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2021-33841",
            "trust": 1.8,
            "value": "CRITICAL"
          },
          {
            "author": "cve-coordination@incibe.es",
            "id": "CVE-2021-33841",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2021-61767",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202106-727",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULMON",
            "id": "CVE-2021-33841",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-61767"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-33841"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-008129"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-33841"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-33841"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-727"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly, allowing a remote attacker to inject code into the operating system with maximum privileges. SGE-PLC1000 The device has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service is disrupted  (DoS) It may be put into a state. Circutor SGE-PLC1000 is a smart metering system equipment. The main function is to manage the mains power through CIRWATT meters or other meters using PRIME technology. \n\r\n\r\nThere is an operating system command injection vulnerability in the Circutor SGE-PLC1000 0.9.2b firmware version",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-33841"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-008129"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-61767"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-33841"
      }
    ],
    "trust": 2.25
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-33841",
        "trust": 3.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-008129",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-61767",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-727",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-33841",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-61767"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-33841"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-008129"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-33841"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-727"
      }
    ]
  },
  "id": "VAR-202106-1514",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-61767"
      }
    ],
    "trust": 1.2666667
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "IoT"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-61767"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:42:32.333000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top\u00a0Page",
        "trust": 0.8,
        "url": "http://circutor.com/en"
      },
      {
        "title": "Patch for Circutor SGE-PLC1000 operating system command injection vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/285731"
      },
      {
        "title": "Circutor SGE-PLC1000 Fixes for operating system command injection vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=154898"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-61767"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-008129"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-727"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-78",
        "trust": 1.0
      },
      {
        "problemtype": "OS Command injection (CWE-78) [NVD Evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-008129"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-33841"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.1,
        "url": "https://www.incibe-cert.es/en/early-warning/ics-advisories/circutor-sge-plc1000-os-command-injection"
      },
      {
        "trust": 1.0,
        "url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/circutor-sge-plc1000-os-command-injection"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-33841"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/78.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-61767"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-33841"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-008129"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-33841"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-727"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-61767"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-33841"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-008129"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-33841"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-727"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-08-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-61767"
      },
      {
        "date": "2021-06-09T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-33841"
      },
      {
        "date": "2022-03-04T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-008129"
      },
      {
        "date": "2021-06-09T12:15:07.893000",
        "db": "NVD",
        "id": "CVE-2021-33841"
      },
      {
        "date": "2021-06-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202106-727"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-08-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-61767"
      },
      {
        "date": "2021-06-21T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-33841"
      },
      {
        "date": "2022-03-04T07:19:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-008129"
      },
      {
        "date": "2023-11-22T13:15:07.610000",
        "db": "NVD",
        "id": "CVE-2021-33841"
      },
      {
        "date": "2021-06-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202106-727"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-727"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Circutor SGE-PLC1000 operating system command injection vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-61767"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-727"
      }
    ],
    "trust": 1.2
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "operating system commend injection",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-727"
      }
    ],
    "trust": 0.6
  }
}

GHSA-56HW-2Q6H-3VH6

Vulnerability from github – Published: 2022-05-24 19:04 – Updated: 2023-11-22 15:31

Details

SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly, allowing a remote attacker to inject code into the operating system with maximum privileges.

Severity ?

9.8 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-33841"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-78"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-06-09T12:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly, allowing a remote attacker to inject code into the operating system with maximum privileges.",
  "id": "GHSA-56hw-2q6h-3vh6",
  "modified": "2023-11-22T15:31:27Z",
  "published": "2022-05-24T19:04:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33841"
    },
    {
      "type": "WEB",
      "url": "https://www.incibe-cert.es/en/early-warning/ics-advisories/circutor-sge-plc1000-os-command-injection"
    },
    {
      "type": "WEB",
      "url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/circutor-sge-plc1000-os-command-injection"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CNVD-2021-61767

Vulnerability from cnvd - Published: 2021-08-13

Title

Circutor SGE-PLC1000操作系统命令注入漏洞

Description

Circutor SGE-PLC1000是一个智能计量系统的设备。主要功能是通过CIRWATT电表或其他采用PRIME技术的电表管理市电。 Circutor SGE-PLC1000 0.9.2b固件版本中存在操作系统命令注入漏洞，远程攻击者可利用该漏洞以最大的权限向操作系统注入代码。

Severity

高

Patch Name

Circutor SGE-PLC1000操作系统命令注入漏洞的补丁

Patch Description

Circutor SGE-PLC1000是一个智能计量系统的设备。主要功能是通过CIRWATT电表或其他采用PRIME技术的电表管理市电。 Circutor SGE-PLC1000 0.9.2b固件版本中存在操作系统命令注入漏洞，远程攻击者可利用该漏洞以最大的权限向操作系统注入代码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://www.s21sec.com/

Reference

https://www.incibe-cert.es/en/early-warning/ics-advisories/circutor-sge-plc1000-os-command-injection

Impacted products

Name
circutor Circutor SGE-PLC1000 0.9.2b

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-33841",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-33841"
    }
  },
  "description": "Circutor SGE-PLC1000\u662f\u4e00\u4e2a\u667a\u80fd\u8ba1\u91cf\u7cfb\u7edf\u7684\u8bbe\u5907\u3002\u4e3b\u8981\u529f\u80fd\u662f\u901a\u8fc7CIRWATT\u7535\u8868\u6216\u5176\u4ed6\u91c7\u7528PRIME\u6280\u672f\u7684\u7535\u8868\u7ba1\u7406\u5e02\u7535\u3002\n\nCircutor SGE-PLC1000 0.9.2b\u56fa\u4ef6\u7248\u672c\u4e2d\u5b58\u5728\u64cd\u4f5c\u7cfb\u7edf\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4ee5\u6700\u5927\u7684\u6743\u9650\u5411\u64cd\u4f5c\u7cfb\u7edf\u6ce8\u5165\u4ee3\u7801\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.s21sec.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-61767",
  "openTime": "2021-08-13",
  "patchDescription": "Circutor SGE-PLC1000\u662f\u4e00\u4e2a\u667a\u80fd\u8ba1\u91cf\u7cfb\u7edf\u7684\u8bbe\u5907\u3002\u4e3b\u8981\u529f\u80fd\u662f\u901a\u8fc7CIRWATT\u7535\u8868\u6216\u5176\u4ed6\u91c7\u7528PRIME\u6280\u672f\u7684\u7535\u8868\u7ba1\u7406\u5e02\u7535\u3002\r\n\r\nCircutor SGE-PLC1000 0.9.2b\u56fa\u4ef6\u7248\u672c\u4e2d\u5b58\u5728\u64cd\u4f5c\u7cfb\u7edf\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4ee5\u6700\u5927\u7684\u6743\u9650\u5411\u64cd\u4f5c\u7cfb\u7edf\u6ce8\u5165\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Circutor SGE-PLC1000\u64cd\u4f5c\u7cfb\u7edf\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "circutor Circutor SGE-PLC1000 0.9.2b"
  },
  "referenceLink": "https://www.incibe-cert.es/en/early-warning/ics-advisories/circutor-sge-plc1000-os-command-injection",
  "serverity": "\u9ad8",
  "submitTime": "2021-06-11",
  "title": "Circutor SGE-PLC1000\u64cd\u4f5c\u7cfb\u7edf\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e"
}

GSD-2021-33841

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly, allowing a remote attacker to inject code into the operating system with maximum privileges.

Aliases

CVE-2021-33841

Aliases

CVE-2021-33841

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-33841",
    "description": "SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly, allowing a remote attacker to inject code into the operating system with maximum privileges.",
    "id": "GSD-2021-33841"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-33841"
      ],
      "details": "SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly, allowing a remote attacker to inject code into the operating system with maximum privileges.",
      "id": "GSD-2021-33841",
      "modified": "2023-12-13T01:23:19.094861Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve-coordination@incibe.es",
        "ID": "CVE-2021-33841",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "SGE-PLC1000",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "0.9.2b"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Circutor"
            }
          ]
        }
      },
      "credits": [
        {
          "lang": "en",
          "value": "Industrial Cybersecurity team of S21sec, special mention to Aar\u00f3n Flecha Men\u00e9ndez."
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly, allowing a remote attacker to inject code into the operating system with maximum privileges."
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-78",
                "lang": "eng",
                "value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/circutor-sge-plc1000-os-command-injection",
            "refsource": "MISC",
            "url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/circutor-sge-plc1000-os-command-injection"
          }
        ]
      },
      "solution": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue can be solved through a firmware upgrade that has already been released by the vendor."
            }
          ],
          "value": "This issue can be solved through a firmware upgrade that has already been released by the vendor."
        }
      ],
      "source": {
        "advisory": "INCIBE-2021-0227",
        "discovery": "EXTERNAL"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:circutor:sge-plc1000_firmware:0.9.2b:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:circutor:sge-plc1000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve-coordination@incibe.es",
          "ID": "CVE-2021-33841"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly, allowing a remote attacker to inject code into the operating system with maximum privileges."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-78"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/circutor-sge-plc1000-os-command-injection",
              "refsource": "",
              "tags": [],
              "url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/circutor-sge-plc1000-os-command-injection"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2023-11-22T13:15Z",
      "publishedDate": "2021-06-09T12:15Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-33841 (GCVE-0-2021-33841)

FKIE_CVE-2021-33841

VAR-202106-1514

GHSA-56HW-2Q6H-3VH6

CNVD-2021-61767

GSD-2021-33841

Tags

Sightings

Nomenclature