Sign-up

ID

VAR-201503-0334


CVE

CVE-2014-9207


TITLE

Cimon CmnView DLL Hijacking vulnerability

Trust: 0.8

sources: IVD: 9cac41e6-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2015-01826

DESCRIPTION

Untrusted search path vulnerability in CmnView.exe in CIMON CmnView 2.14.0.1 and 3.x before UltimateAccess 3.02 allows local users to gain privileges via a Trojan horse DLL in the current working directory. CIMON CmnView and UltimateAccess of CmnView.exe Contains a vulnerability that allows it to get permission due to a flaw in search path processing. Supplementary information : CWE Vulnerability type by CWE-426: Untrusted Search Path ( Unreliable search path ) Has been identified. CmnView is a WEB-based SCADA application. The CmnView application contains a DLL that fails to specify an absolute path, allowing an attacker to exploit a vulnerability to build a malicious application, placed in a specific path, allowing the application to maliciously load the DLL and execute it. Cimon CmnView is prone to a vulnerability that lets attackers execute arbitrary code. Successful exploits will allow the attackers to execute arbitrary code in the context of the user running the affected application

Trust: 2.61

sources: NVD: CVE-2014-9207 // JVNDB: JVNDB-2014-007978 // CNVD: CNVD-2015-01826 // BID: 73027 // IVD: 9cac41e6-2351-11e6-abef-000c29c66e3d

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 9cac41e6-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2015-01826

AFFECTED PRODUCTS

vendor:cimonmodel:cmnviewscope:eqversion:2.14.0.1

Trust: 2.3

vendor:cimonmodel:ultimateaccessscope:eqversion:3.00

Trust: 2.2

vendor:cimonmodel:ultimateaccessscope:lteversion:3.01

Trust: 1.0

vendor:cimonmodel:cmnviewscope:lteversion:2.14.0.1

Trust: 1.0

vendor:cimonmodel:cmnviewscope:eqversion:3.x

Trust: 0.8

vendor:cimonmodel:ultimateaccessscope:ltversion:3.02

Trust: 0.8

vendor:cimonmodel:ultimateaccessscope:lteversion:<=3.01

Trust: 0.6

vendor:cimonmodel:ultimateaccessscope:eqversion:3.01

Trust: 0.6

vendor:cimonmodel:cmnviewscope:eqversion:3.0

Trust: 0.3

vendor:cimonmodel:cmnviewscope:neversion:3.02

Trust: 0.3

vendor:cmnviewmodel: - scope:eqversion:*

Trust: 0.2

vendor:ultimateaccessmodel: - scope:eqversion:3.00

Trust: 0.2

vendor:ultimateaccessmodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: 9cac41e6-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2015-01826 // BID: 73027 // JVNDB: JVNDB-2014-007978 // CNNVD: CNNVD-201503-326 // NVD: CVE-2014-9207

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-9207
value: MEDIUM

Trust: 1.0

NVD: CVE-2014-9207
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2015-01826
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201503-326
value: MEDIUM

Trust: 0.6

IVD: 9cac41e6-2351-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

nvd@nist.gov: CVE-2014-9207
severity: MEDIUM
baseScore: 6.9
vectorString: AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.4
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2015-01826
severity: MEDIUM
baseScore: 6.9
vectorString: AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.4
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 9cac41e6-2351-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 6.9
vectorString: AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.4
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

sources: IVD: 9cac41e6-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2015-01826 // JVNDB: JVNDB-2014-007978 // CNNVD: CNNVD-201503-326 // NVD: CVE-2014-9207

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:CWE-Other

Trust: 0.8

sources: JVNDB: JVNDB-2014-007978 // NVD: CVE-2014-9207

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201503-326

TYPE

Design Error

Trust: 0.3

sources: BID: 73027

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-007978

PATCH
title:Top Pageurl:http://www.cimon.com/eng/
Trust: 0.8
title:Cimon CmnView DLL hijacking vulnerability patchurl:https://www.cnvd.org.cn/patchInfo/show/56374
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2015-01826 // 
            
            
            
            JVNDB: JVNDB-2014-007978

EXTERNAL IDS
db:NVDid:CVE-2014-9207
Trust: 3.5
db:ICS CERTid:ICSA-15-069-01
Trust: 3.3
db:BIDid:73027
Trust: 0.9
db:CNVDid:CNVD-2015-01826
Trust: 0.8
db:CNNVDid:CNNVD-201503-326
Trust: 0.8
db:JVNDBid:JVNDB-2014-007978
Trust: 0.8
db:IVDid:9CAC41E6-2351-11E6-ABEF-000C29C66E3D
Trust: 0.2
sources:
            
            
            IVD: 9cac41e6-2351-11e6-abef-000c29c66e3d // 
            
            
            
            CNVD: CNVD-2015-01826 // 
            
            
            
            BID: 73027 // 
            
            
            
            JVNDB: JVNDB-2014-007978 // 
            
            
            
            CNNVD: CNNVD-201503-326 // 
            
            
            
            NVD: CVE-2014-9207

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-15-069-01
Trust: 3.3
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9207
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-9207
Trust: 0.8
url:http://www.cimon.com/eng/
Trust: 0.3
url:http://blog.metasploit.com/2010/08/exploiting-dll-hijacking-flaws.html
Trust: 0.3
url:http://blogs.technet.com/b/srd/archive/2010/08/23/more-information-about-dll-preloading-remote-attack-vector.aspx
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2015-01826 // 
            
            
            
            BID: 73027 // 
            
            
            
            JVNDB: JVNDB-2014-007978 // 
            
            
            
            CNNVD: CNNVD-201503-326 // 
            
            
            
            NVD: CVE-2014-9207

CREDITS
Ivan Sanchez of Wise Security
Trust: 0.3
sources:
            
            
            BID: 73027

SOURCES
db:IVDid:9cac41e6-2351-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2015-01826
db:BIDid:73027
db:JVNDBid:JVNDB-2014-007978
db:CNNVDid:CNNVD-201503-326
db:NVDid:CVE-2014-9207

LAST UPDATE DATE
2025-04-13T23:29:38.317000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2015-01826date:2015-03-19T00:00:00
db:BIDid:73027date:2015-03-10T00:00:00
db:JVNDBid:JVNDB-2014-007978date:2015-03-17T00:00:00
db:CNNVDid:CNNVD-201503-326date:2015-03-16T00:00:00
db:NVDid:CVE-2014-9207date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:IVDid:9cac41e6-2351-11e6-abef-000c29c66e3ddate:2015-03-19T00:00:00
db:CNVDid:CNVD-2015-01826date:2015-03-19T00:00:00
db:BIDid:73027date:2015-03-10T00:00:00
db:JVNDBid:JVNDB-2014-007978date:2015-03-17T00:00:00
db:CNNVDid:CNNVD-201503-326date:2015-03-16T00:00:00
db:NVDid:CVE-2014-9207date:2015-03-14T01:59:08.220