VAR-201311-0452

Vulnerability from variot - Updated: 2022-05-17 02:00

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ABB RobotStudio Tools. User interaction is required to exploit this vulnerability, in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the cw3dgrph.ocx ActiveX control. The ImportStyle method allows an attacker to load a specially crafted .cwx file from a remote network share. Following this call, the attacker can invoke the ExportStyle method to save the file to an arbitrary location through the use of a directory traversal vulnerability. A remote attacker can abuse this to execute arbitrary code in the context of the user. ABB is a leader in power and automation technology and is among the world's top 500 companies. An attacker who constructs a malicious web page and induces the user to open it can write arbitrary files to any location on the system. ABB Test Signal Viewer is a software product of the Swiss company ABB, mainly used to optimize and adjust the axis speed of ABB robots and to monitor robot operating conditions. Failed exploit attempts will likely result in denial-of-service conditions.


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201311-0452",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "test signal viewer",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "abb",
        "version": "1.x"
      },
      {
        "model": "robotware",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "abb",
        "version": "5.x"
      },
      {
        "model": "robotstudio",
        "scope": null,
        "trust": 0.7,
        "vendor": "abb",
        "version": null
      },
      {
        "model": "test signal viewer",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "abb",
        "version": "1.4"
      },
      {
        "model": "robotstudio",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "abb",
        "version": "5.15.02"
      },
      {
        "model": "test signal viewer",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "abb",
        "version": "1.5"
      },
      {
        "model": "robotstudio",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "abb",
        "version": "5.15.03"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "555598f6-1efb-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "574f7f8c-1efb-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-13-253"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-14743"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-14744"
      },
      {
        "db": "BID",
        "id": "63904"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Andrea Micalizzi",
    "sources": [
      {
        "db": "BID",
        "id": "63904"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201311-435"
      }
    ],
    "trust": 0.9
  },
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ZDI",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "ZDI-13-253",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 0.7,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2013-14743",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2013-14744",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "555598f6-1efb-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "574f7f8c-1efb-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "ZDI",
            "id": "ZDI-13-253",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2013-14743",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2013-14744",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "555598f6-1efb-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "574f7f8c-1efb-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "555598f6-1efb-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "574f7f8c-1efb-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-13-253"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-14743"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-14744"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ABB RobotStudio Tools. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the cw3dgrph.ocx ActiveX control. The ImportStyle method allows an attacker to load a specially crafted .cwx file from a remote network share.  Following this call, the attacker can invoke the ExportStyle method to save the file to an arbitrary location through the use of a directory traversal vulnerability.  A remote attacker can abuse this to execute arbitrary code under the context of the user. ABB is a leader in power and automation technology among the world\u0027s top 500 companies. The attacker constructs a malicious WEB page to induce the user to parse, and can write arbitrary files to any position of the system. ABB Test Signal Viewer is a software product of Swiss ABB company, which is mainly used to optimize and adjust the axis speed of ABB robots, and grasp the robot operating conditions. Failed exploit attempts will likely result in denial-of-service conditions",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-13-253"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-14743"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-14744"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201311-435"
      },
      {
        "db": "BID",
        "id": "63904"
      },
      {
        "db": "IVD",
        "id": "555598f6-1efb-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "574f7f8c-1efb-11e6-abef-000c29c66e3d"
      }
    ],
    "trust": 2.88
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "ZDI",
        "id": "ZDI-13-253",
        "trust": 1.6
      },
      {
        "db": "BID",
        "id": "63904",
        "trust": 1.5
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-14743",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-14744",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-1834",
        "trust": 0.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201311-435",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "555598F6-1EFB-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "574F7F8C-1EFB-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "555598f6-1efb-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "574f7f8c-1efb-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-13-253"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-14743"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-14744"
      },
      {
        "db": "BID",
        "id": "63904"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201311-435"
      }
    ]
  },
  "id": "VAR-201311-0452",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "555598f6-1efb-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "574f7f8c-1efb-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-14743"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-14744"
      }
    ],
    "trust": 2.296608943333333
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.6
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "555598f6-1efb-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "574f7f8c-1efb-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-14743"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-14744"
      }
    ]
  },
  "last_update_date": "2022-05-17T02:00:03.152000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "ABB has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "http://www05.abb.com/global/scot/scot348.nsf/veritydisplay/8e134e13bfa25a0cc1257c0600459b16/$file/si10253a2%20rev%200%20.pdf"
      },
      {
        "title": "ABB Test Signal Viewer CWGraph3D ActiveX Control Remote Code Execution Vulnerability Patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/41340"
      },
      {
        "title": "ABB RobotWare CWGraph3D ActiveX Control Remote Code Execution Vulnerability Patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/41341"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-13-253"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-14743"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-14744"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.2,
        "url": "http://www.securityfocus.com/bid/63904"
      },
      {
        "trust": 1.0,
        "url": "http://www05.abb.com/global/scot/scot348.nsf/veritydisplay/8e134e13bfa25a0cc1257c0600459b16/$file/si10253a2%20rev%200%20.pdf"
      },
      {
        "trust": 0.9,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-13-253/"
      },
      {
        "trust": 0.6,
        "url": "http://www.abb.com/global/scot/scot348.nsf/veritydisplay/8e134e13bfa25a0cc1257c0600459b16/"
      },
      {
        "trust": 0.3,
        "url": "http://new.abb.com/products/robotics/robotstudio"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-13-253"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-14743"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-14744"
      },
      {
        "db": "BID",
        "id": "63904"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201311-435"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "555598f6-1efb-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "574f7f8c-1efb-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-13-253"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-14743"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-14744"
      },
      {
        "db": "BID",
        "id": "63904"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201311-435"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-11-27T00:00:00",
        "db": "IVD",
        "id": "555598f6-1efb-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2013-11-27T00:00:00",
        "db": "IVD",
        "id": "574f7f8c-1efb-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2013-11-24T00:00:00",
        "db": "ZDI",
        "id": "ZDI-13-253"
      },
      {
        "date": "2013-11-27T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-14743"
      },
      {
        "date": "2013-11-27T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-14744"
      },
      {
        "date": "2013-11-24T00:00:00",
        "db": "BID",
        "id": "63904"
      },
      {
        "date": "2013-11-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201311-435"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-11-24T00:00:00",
        "db": "ZDI",
        "id": "ZDI-13-253"
      },
      {
        "date": "2013-11-27T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-14743"
      },
      {
        "date": "2013-11-27T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-14744"
      },
      {
        "date": "2013-11-24T00:00:00",
        "db": "BID",
        "id": "63904"
      },
      {
        "date": "2013-12-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201311-435"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201311-435"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "ABB Test Signal Viewer CWGraph3D ActiveX Control Remote Code Execution Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "555598f6-1efb-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-14743"
      },
      {
        "db": "BID",
        "id": "63904"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201311-435"
      }
    ],
    "trust": 1.7
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "code injection",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201311-435"
      }
    ],
    "trust": 0.6
  }
}










Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

