VAR-201609-0391
Vulnerability from variot - Updated: 2024-02-13 22:54
Unquoted Windows search path vulnerability in Moxa Active OPC Server before 2.4.19 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory. Supplementary information: the vulnerability type has been identified as CWE-428: Unquoted Search Path or Element (http://cwe.mitre.org/data/definitions/428.html). A local user may gain privileges through a Trojan horse executable placed in the %SYSTEMDRIVE% directory. Moxa Active OPC Server is an OPC driver package for operating HMI or SCADA systems. This issue may allow a local user to gain elevated privileges.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201609-0391",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "active opc server",
"scope": "lt",
"trust": 1.4,
"vendor": "moxa",
"version": "2.4.19"
},
{
"model": "active opc server",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "2.4.18"
},
{
"model": "active opc server",
"scope": "eq",
"trust": 0.6,
"vendor": "moxa",
"version": "2.4.18"
},
{
"model": "active opc server",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "0"
},
{
"model": "active opc server",
"scope": "ne",
"trust": 0.3,
"vendor": "moxa",
"version": "2.4.19"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "active opc server",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "f436fcc6-328c-4129-a88e-dff60fd54ca1"
},
{
"db": "CNVD",
"id": "CNVD-2016-08231"
},
{
"db": "BID",
"id": "93046"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004902"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-525"
},
{
"db": "NVD",
"id": "CVE-2016-5793"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:moxa:active_opc_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.4.18",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5793"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Zhou Yu.",
"sources": [
{
"db": "BID",
"id": "93046"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-525"
}
],
"trust": 0.9
},
"cve": "CVE-2016-5793",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-5793",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2016-08231",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "f436fcc6-328c-4129-a88e-dff60fd54ca1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-94612",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-5793",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-5793",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2016-08231",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201609-525",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "f436fcc6-328c-4129-a88e-dff60fd54ca1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-94612",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-5793",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "f436fcc6-328c-4129-a88e-dff60fd54ca1"
},
{
"db": "CNVD",
"id": "CNVD-2016-08231"
},
{
"db": "VULHUB",
"id": "VHN-94612"
},
{
"db": "VULMON",
"id": "CVE-2016-5793"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004902"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-525"
},
{
"db": "NVD",
"id": "CVE-2016-5793"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unquoted Windows search path vulnerability in Moxa Active OPC Server before 2.4.19 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory. Supplementary information : CWE Vulnerability type by CWE-428: Unquoted Search Path or Element ( Unquoted search path or element ) Has been identified. http://cwe.mitre.org/data/definitions/428.htmlBy local users %SYSTEMDRIVE% Permission may be gained through a Trojan executable in the directory. Moxa Active OPC Server is an OPC driver package for operating HMI or SCADA systems. This may allow to gain elevated privileges",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5793"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004902"
},
{
"db": "CNVD",
"id": "CNVD-2016-08231"
},
{
"db": "BID",
"id": "93046"
},
{
"db": "IVD",
"id": "f436fcc6-328c-4129-a88e-dff60fd54ca1"
},
{
"db": "VULHUB",
"id": "VHN-94612"
},
{
"db": "VULMON",
"id": "CVE-2016-5793"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-5793",
"trust": 3.7
},
{
"db": "ICS CERT",
"id": "ICSA-16-264-01",
"trust": 2.9
},
{
"db": "BID",
"id": "93046",
"trust": 2.7
},
{
"db": "CNNVD",
"id": "CNNVD-201609-525",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2016-08231",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004902",
"trust": 0.8
},
{
"db": "IVD",
"id": "F436FCC6-328C-4129-A88E-DFF60FD54CA1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-94612",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-5793",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "f436fcc6-328c-4129-a88e-dff60fd54ca1"
},
{
"db": "CNVD",
"id": "CNVD-2016-08231"
},
{
"db": "VULHUB",
"id": "VHN-94612"
},
{
"db": "VULMON",
"id": "CVE-2016-5793"
},
{
"db": "BID",
"id": "93046"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004902"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-525"
},
{
"db": "NVD",
"id": "CVE-2016-5793"
}
]
},
"id": "VAR-201609-0391",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "f436fcc6-328c-4129-a88e-dff60fd54ca1"
},
{
"db": "CNVD",
"id": "CNVD-2016-08231"
},
{
"db": "VULHUB",
"id": "VHN-94612"
}
],
"trust": 1.5
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "f436fcc6-328c-4129-a88e-dff60fd54ca1"
},
{
"db": "CNVD",
"id": "CNVD-2016-08231"
}
]
},
"last_update_date": "2024-02-13T22:54:15.475000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Active OPC Server",
"trust": 0.8,
"url": "http://www.moxa.com/product/automation_software_html.htm"
},
{
"title": "Moxa Active OPC Server Local Path Enumeration Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/81825"
},
{
"title": "Moxa Active OPC Server Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=64258"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-08231"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004902"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-525"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-428",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-94612"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004902"
},
{
"db": "NVD",
"id": "CVE-2016-5793"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-264-01"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/93046"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5793"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-5793"
},
{
"trust": 0.3,
"url": "http://www.moxa.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/428.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-08231"
},
{
"db": "VULHUB",
"id": "VHN-94612"
},
{
"db": "VULMON",
"id": "CVE-2016-5793"
},
{
"db": "BID",
"id": "93046"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004902"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-525"
},
{
"db": "NVD",
"id": "CVE-2016-5793"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "f436fcc6-328c-4129-a88e-dff60fd54ca1"
},
{
"db": "CNVD",
"id": "CNVD-2016-08231"
},
{
"db": "VULHUB",
"id": "VHN-94612"
},
{
"db": "VULMON",
"id": "CVE-2016-5793"
},
{
"db": "BID",
"id": "93046"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004902"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-525"
},
{
"db": "NVD",
"id": "CVE-2016-5793"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-28T00:00:00",
"db": "IVD",
"id": "f436fcc6-328c-4129-a88e-dff60fd54ca1"
},
{
"date": "2016-09-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-08231"
},
{
"date": "2016-09-24T00:00:00",
"db": "VULHUB",
"id": "VHN-94612"
},
{
"date": "2016-09-24T00:00:00",
"db": "VULMON",
"id": "CVE-2016-5793"
},
{
"date": "2016-09-20T00:00:00",
"db": "BID",
"id": "93046"
},
{
"date": "2016-09-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004902"
},
{
"date": "2016-09-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201609-525"
},
{
"date": "2016-09-24T10:59:02.603000",
"db": "NVD",
"id": "CVE-2016-5793"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-08231"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-94612"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULMON",
"id": "CVE-2016-5793"
},
{
"date": "2016-09-20T00:00:00",
"db": "BID",
"id": "93046"
},
{
"date": "2016-09-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004902"
},
{
"date": "2016-09-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201609-525"
},
{
"date": "2016-11-28T20:29:31.143000",
"db": "NVD",
"id": "CVE-2016-5793"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "93046"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-525"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Moxa Active OPC Server Local Path Enumeration Vulnerability",
"sources": [
{
"db": "IVD",
"id": "f436fcc6-328c-4129-a88e-dff60fd54ca1"
},
{
"db": "CNVD",
"id": "CNVD-2016-08231"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201609-525"
}
],
"trust": 0.6
}
}