VAR-202303-1297
Vulnerability from variot - Updated: 2023-12-18 11:54A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server TCP interface that could allow the creation of a malicious report file in the IGSS project report directory, this could lead to remote code execution when a victim eventually opens the report. Affected Products: IGSS Data Server(IGSSdataServer.exe)(V16.0.0.23040 and prior), IGSS Dashboard(DashBoard.exe)(V16.0.0.23040 and prior), Custom Reports(RMS16.dll)(V16.0.0.23040 and prior). Schneider Electric of custom reports , IGSS Dashboard (DashBoard.exe) , igss data server There is a vulnerability in the lack of authentication for critical features.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability.The specific flaw exists within the IGSSdataServer process, which listens on TCP port 12401 by default. The issue results from the exposure of a dangerous function. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current user. Schneider Electric IGSS Data Server is a data server of an interactive graphic Scada system of French Schneider Electric (Schneider Electric)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202303-1297",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "igss data server",
"scope": "lte",
"trust": 1.0,
"vendor": "schneider electric",
"version": "16.0.0.23040"
},
{
"model": "igss dashboard",
"scope": "lte",
"trust": 1.0,
"vendor": "schneider electric",
"version": "16.0.0.23040"
},
{
"model": "custom reports",
"scope": "lte",
"trust": 1.0,
"vendor": "schneider electric",
"version": "16.0.0.23040"
},
{
"model": "igss dashboard",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "custom reports",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "igss data server",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "igss",
"scope": null,
"trust": 0.7,
"vendor": "schneider electric",
"version": null
},
{
"model": "electric igss data server",
"scope": "lte",
"trust": 0.6,
"vendor": "schneider",
"version": "\u003c=v16.0.0.23040"
},
{
"model": "electric igss dashboard",
"scope": "lte",
"trust": 0.6,
"vendor": "schneider",
"version": "\u003c=v16.0.0.23040"
},
{
"model": "electric custom reports",
"scope": "lte",
"trust": 0.6,
"vendor": "schneider",
"version": "\u003c=v16.0.0.23040"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-339"
},
{
"db": "CNVD",
"id": "CNVD-2023-29375"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005721"
},
{
"db": "NVD",
"id": "CVE-2023-27980"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:custom_reports:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "16.0.0.23040",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:igss_dashboard:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "16.0.0.23040",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:igss_data_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "16.0.0.23040",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-27980"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "kimiya",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-339"
}
],
"trust": 0.7
},
"cve": "CVE-2023-27980",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2023-29375",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-27980",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2023-27980",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2023-27980",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "cybersecurity@se.com",
"id": "CVE-2023-27980",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2023-27980",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2023-29375",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202303-1556",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-339"
},
{
"db": "CNVD",
"id": "CNVD-2023-29375"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005721"
},
{
"db": "NVD",
"id": "CVE-2023-27980"
},
{
"db": "NVD",
"id": "CVE-2023-27980"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-1556"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server TCP interface that could allow the creation of a malicious report file in the IGSS project report directory, this could lead to remote code execution when a victim eventually opens the report. Affected Products: IGSS Data Server(IGSSdataServer.exe)(V16.0.0.23040 and prior), IGSS Dashboard(DashBoard.exe)(V16.0.0.23040 and prior), Custom Reports(RMS16.dll)(V16.0.0.23040 and prior). Schneider Electric of custom reports , IGSS Dashboard (DashBoard.exe) , igss data server There is a vulnerability in the lack of authentication for critical features.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability.The specific flaw exists within the IGSSdataServer process, which listens on TCP port 12401 by default. The issue results from the exposure of a dangerous function. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current user. Schneider Electric IGSS Data Server is a data server of an interactive graphic Scada system of French Schneider Electric (Schneider Electric)",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-27980"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005721"
},
{
"db": "ZDI",
"id": "ZDI-23-339"
},
{
"db": "CNVD",
"id": "CNVD-2023-29375"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-27980",
"trust": 4.5
},
{
"db": "SCHNEIDER",
"id": "SEVD-2023-073-04",
"trust": 3.0
},
{
"db": "ICS CERT",
"id": "ICSA-23-082-04",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU94559502",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005721",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-19533",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-23-339",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2023-29375",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2023.1792",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202303-1556",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-339"
},
{
"db": "CNVD",
"id": "CNVD-2023-29375"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005721"
},
{
"db": "NVD",
"id": "CVE-2023-27980"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-1556"
}
]
},
"id": "VAR-202303-1297",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-29375"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-29375"
}
]
},
"last_update_date": "2023-12-18T11:54:51.763000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Schneider Electric has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://download.schneider-electric.com/files?p_doc_ref=sevd-2023-073-04\u0026p_endoctype=security+and+safety+notice\u0026p_file_name=sevd-2023-073-04.pdf"
},
{
"title": "Patch for Schneider Electric IGSS Data Server Access Control Error Vulnerability (CNVD-2023-29375)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/419156"
},
{
"title": "Schneider Electric IGSS Data Server Fixes for access control error vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=230404"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-339"
},
{
"db": "CNVD",
"id": "CNVD-2023-29375"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-1556"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-306",
"trust": 1.0
},
{
"problemtype": "Lack of authentication for critical features (CWE-306) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-005721"
},
{
"db": "NVD",
"id": "CVE-2023-27980"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.7,
"url": "https://download.schneider-electric.com/files?p_doc_ref=sevd-2023-073-04\u0026p_endoctype=security+and+safety+notice\u0026p_file_name=sevd-2023-073-04.pdf"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu94559502/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-27980"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-04"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-27980/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.1792"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-339"
},
{
"db": "CNVD",
"id": "CNVD-2023-29375"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005721"
},
{
"db": "NVD",
"id": "CVE-2023-27980"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-1556"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-339"
},
{
"db": "CNVD",
"id": "CNVD-2023-29375"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005721"
},
{
"db": "NVD",
"id": "CVE-2023-27980"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-1556"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-03-16T00:00:00",
"db": "ZDI",
"id": "ZDI-23-339"
},
{
"date": "2023-04-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-29375"
},
{
"date": "2023-11-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-005721"
},
{
"date": "2023-03-21T06:15:13.063000",
"db": "NVD",
"id": "CVE-2023-27980"
},
{
"date": "2023-03-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202303-1556"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-03-16T00:00:00",
"db": "ZDI",
"id": "ZDI-23-339"
},
{
"date": "2023-04-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-29375"
},
{
"date": "2023-11-09T06:46:00",
"db": "JVNDB",
"id": "JVNDB-2023-005721"
},
{
"date": "2023-03-24T19:15:23.867000",
"db": "NVD",
"id": "CVE-2023-27980"
},
{
"date": "2023-03-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202303-1556"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202303-1556"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Schneider\u00a0Electric\u00a0 Vulnerability related to lack of authentication for critical functions in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-005721"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202303-1556"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…