Sign-up

ID

VAR-201512-0224


CVE

CVE-2015-8561


TITLE

Schneider Electric ProClima Denial of service vulnerability

Trust: 0.8

sources: IVD: 694110a2-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2015-08395

DESCRIPTION

The F1BookView ActiveX control in F1 Bookview in Schneider Electric ProClima before 6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted integer value to the (1) AttachToSS, (2) CopyAll, (3) CopyRange, (4) CopyRangeEx, or (5) SwapTable method, a different vulnerability than CVE-2015-7918. (1) AttachToSS The method (2) CopyAll The method (3) CopyRange The method (4) CopyRangeEx The method (5) SwapTable The method. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the implementation of the CopyAll method of the F1BookView ActiveX control. The method accepts an integer value and interprets it as the address of a structure in memory. An attacker can leverage this vulnerability to achieve code execution under the context of the process. Schneider Electric ProClima is the thermal calculation software of Schneider Electric, France. Failed exploit attempts will likely result in denial-of-service conditions

Trust: 5.22

sources: NVD: CVE-2015-8561 // JVNDB: JVNDB-2015-006425 // ZDI: ZDI-15-629 // ZDI: ZDI-15-626 // ZDI: ZDI-15-628 // ZDI: ZDI-15-627 // CNVD: CNVD-2015-08395 // BID: 79802 // IVD: 694110a2-2351-11e6-abef-000c29c66e3d // VULHUB: VHN-86522

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 694110a2-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2015-08395

AFFECTED PRODUCTS

vendor:schneider electricmodel:proclimascope: - version: -

Trust: 2.8

vendor:schneider electricmodel:proclimascope:lteversion:6.1

Trust: 1.0

vendor:schneider electricmodel:proclimascope:eqversion:6.1

Trust: 0.9

vendor:schneider electricmodel:proclimascope:ltversion:6.2

Trust: 0.8

vendor:schneidermodel:electric proclimascope:ltversion:6.2

Trust: 0.6

vendor:schneider electricmodel:proclimascope:eqversion:6.0

Trust: 0.3

vendor:schneider electricmodel:proclimascope:neversion:6.2

Trust: 0.3

vendor:proclimamodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: 694110a2-2351-11e6-abef-000c29c66e3d // ZDI: ZDI-15-629 // ZDI: ZDI-15-626 // ZDI: ZDI-15-628 // ZDI: ZDI-15-627 // CNVD: CNVD-2015-08395 // BID: 79802 // JVNDB: JVNDB-2015-006425 // CNNVD: CNNVD-201512-442 // NVD: CVE-2015-8561

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI: CVE-2015-8561
value: MEDIUM

Trust: 2.8

nvd@nist.gov: CVE-2015-8561
value: MEDIUM

Trust: 1.0

NVD: CVE-2015-8561
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2015-08395
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201512-442
value: MEDIUM

Trust: 0.6

IVD: 694110a2-2351-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

VULHUB: VHN-86522
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2015-8561
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 4.6

CNVD: CNVD-2015-08395
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 694110a2-2351-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-86522
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: 694110a2-2351-11e6-abef-000c29c66e3d // ZDI: ZDI-15-629 // ZDI: ZDI-15-626 // ZDI: ZDI-15-628 // ZDI: ZDI-15-627 // CNVD: CNVD-2015-08395 // VULHUB: VHN-86522 // JVNDB: JVNDB-2015-006425 // CNNVD: CNNVD-201512-442 // NVD: CVE-2015-8561

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-86522 // JVNDB: JVNDB-2015-006425 // NVD: CVE-2015-8561

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201512-442

TYPE

Buffer overflow

Trust: 0.8

sources: IVD: 694110a2-2351-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201512-442

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-006425

PATCH
title:Schneider Electric has issued an update to correct this vulnerability.url:https://ics-cert.us-cert.gov/advisories/ICSA-15-335-02
Trust: 2.8
title:SEVD-2015-329-01url:http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-329-01
Trust: 0.8
title:Schneider Electric ProClima denial of service vulnerability patchurl:https://www.cnvd.org.cn/patchInfo/show/68764
Trust: 0.6
title:Schneider Electric ProClima F1 Bookview Buffer Overflow Vulnerability Fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59231
Trust: 0.6
sources:
            
            
            ZDI: ZDI-15-629 // 
            
            
            
            ZDI: ZDI-15-626 // 
            
            
            
            ZDI: ZDI-15-628 // 
            
            
            
            ZDI: ZDI-15-627 // 
            
            
            
            CNVD: CNVD-2015-08395 // 
            
            
            
            JVNDB: JVNDB-2015-006425 // 
            
            
            
            CNNVD: CNNVD-201512-442

EXTERNAL IDS
db:NVDid:CVE-2015-8561
Trust: 6.4
db:ZDIid:ZDI-15-628
Trust: 3.3
db:ZDIid:ZDI-15-629
Trust: 2.7
db:ZDIid:ZDI-15-626
Trust: 2.7
db:ICS CERTid:ICSA-15-335-02
Trust: 2.5
db:ZDIid:ZDI-15-627
Trust: 2.4
db:SCHNEIDERid:SEVD-2015-329-01
Trust: 2.0
db:CNNVDid:CNNVD-201512-442
Trust: 0.9
db:CNVDid:CNVD-2015-08395
Trust: 0.8
db:JVNDBid:JVNDB-2015-006425
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-3054
Trust: 0.7
db:ZDI_CANid:ZDI-CAN-3056
Trust: 0.7
db:ZDI_CANid:ZDI-CAN-3053
Trust: 0.7
db:ZDI_CANid:ZDI-CAN-3055
Trust: 0.7
db:BIDid:79802
Trust: 0.4
db:IVDid:694110A2-2351-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:VULHUBid:VHN-86522
Trust: 0.1
sources:
            
            
            IVD: 694110a2-2351-11e6-abef-000c29c66e3d // 
            
            
            
            ZDI: ZDI-15-629 // 
            
            
            
            ZDI: ZDI-15-626 // 
            
            
            
            ZDI: ZDI-15-628 // 
            
            
            
            ZDI: ZDI-15-627 // 
            
            
            
            CNVD: CNVD-2015-08395 // 
            
            
            
            VULHUB: VHN-86522 // 
            
            
            
            BID: 79802 // 
            
            
            
            JVNDB: JVNDB-2015-006425 // 
            
            
            
            CNNVD: CNNVD-201512-442 // 
            
            
            
            NVD: CVE-2015-8561

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-15-335-02
Trust: 5.3
url:http://www.zerodayinitiative.com/advisories/zdi-15-628
Trust: 2.6
url:http://download.schneider-electric.com/files?p_doc_ref=sevd-2015-329-01
Trust: 2.0
url:http://www.zerodayinitiative.com/advisories/zdi-15-626
Trust: 2.0
url:http://www.zerodayinitiative.com/advisories/zdi-15-629
Trust: 2.0
url:http://www.zerodayinitiative.com/advisories/zdi-15-627
Trust: 1.7
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8561
Trust: 1.4
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8561
Trust: 0.8
url:http://support.microsoft.com/kb/240797
Trust: 0.6
url:http://www.schneider-electric.com/en/product-range-download/2560-proclima
Trust: 0.3
sources:
            
            
            ZDI: ZDI-15-629 // 
            
            
            
            ZDI: ZDI-15-626 // 
            
            
            
            ZDI: ZDI-15-628 // 
            
            
            
            ZDI: ZDI-15-627 // 
            
            
            
            CNVD: CNVD-2015-08395 // 
            
            
            
            VULHUB: VHN-86522 // 
            
            
            
            BID: 79802 // 
            
            
            
            JVNDB: JVNDB-2015-006425 // 
            
            
            
            CNNVD: CNNVD-201512-442 // 
            
            
            
            NVD: CVE-2015-8561

CREDITS
Ariele Caltabiano (kimiya)
Trust: 2.1
sources:
            
            
            ZDI: ZDI-15-629 // 
            
            
            
            ZDI: ZDI-15-628 // 
            
            
            
            ZDI: ZDI-15-627

SOURCES
db:IVDid:694110a2-2351-11e6-abef-000c29c66e3d
db:ZDIid:ZDI-15-629
db:ZDIid:ZDI-15-626
db:ZDIid:ZDI-15-628
db:ZDIid:ZDI-15-627
db:CNVDid:CNVD-2015-08395
db:VULHUBid:VHN-86522
db:BIDid:79802
db:JVNDBid:JVNDB-2015-006425
db:CNNVDid:CNNVD-201512-442
db:NVDid:CVE-2015-8561

LAST UPDATE DATE
2025-04-13T23:31:32.934000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-15-629date:2015-12-08T00:00:00
db:ZDIid:ZDI-15-626date:2015-12-08T00:00:00
db:ZDIid:ZDI-15-628date:2015-12-08T00:00:00
db:ZDIid:ZDI-15-627date:2015-12-08T00:00:00
db:CNVDid:CNVD-2015-08395date:2015-12-22T00:00:00
db:VULHUBid:VHN-86522date:2015-12-16T00:00:00
db:BIDid:79802date:2015-11-25T00:00:00
db:JVNDBid:JVNDB-2015-006425date:2015-12-17T00:00:00
db:CNNVDid:CNNVD-201512-442date:2015-12-18T00:00:00
db:NVDid:CVE-2015-8561date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:IVDid:694110a2-2351-11e6-abef-000c29c66e3ddate:2015-12-22T00:00:00
db:ZDIid:ZDI-15-629date:2015-12-08T00:00:00
db:ZDIid:ZDI-15-626date:2015-12-08T00:00:00
db:ZDIid:ZDI-15-628date:2015-12-08T00:00:00
db:ZDIid:ZDI-15-627date:2015-12-08T00:00:00
db:CNVDid:CNVD-2015-08395date:2015-12-22T00:00:00
db:VULHUBid:VHN-86522date:2015-12-15T00:00:00
db:BIDid:79802date:2015-11-25T00:00:00
db:JVNDBid:JVNDB-2015-006425date:2015-12-17T00:00:00
db:CNNVDid:CNNVD-201512-442date:2015-12-16T00:00:00
db:NVDid:CVE-2015-8561date:2015-12-15T05:59:09.797