Details of VAR-201608-0459

ID

VAR-201608-0459

TITLE

(0Day) ABB DataManagerPro File Permissions Privilege Escalation Vulnerability

Trust: 0.7

sources: ZDI: ZDI-16-479

DESCRIPTION

This vulnerability allows attackers to escalate their privilege to system administrator on vulnerable installations of ABB DataManagerPro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the file permissions set during product installation. The World account is set to have full rights to the directory that contains the binaries that are executed by system administrators. File substitution would then allow a standard user on the system to replace code that is subsequently run by a system administrator. ABB DataManagerPro is a set of data analysis software from Swiss ABB company. The software can automatically collect data via Ethernet and database management. A local attacker could use this vulnerability to gain elevated permissions

Trust: 2.16

sources: ZDI: ZDI-16-479 // CNVD: CNVD-2016-06458 // CNNVD: CNNVD-201608-387 // BID: 92531 // IVD: c527e41d-f965-4aff-bbf7-2c4b92c9b06e

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: c527e41d-f965-4aff-bbf7-2c4b92c9b06e // CNVD: CNVD-2016-06458

AFFECTED PRODUCTS

vendor:	abb	model:	datamanagerpro	scope:	-	version:	-	Trust: 1.3
vendor:	abb	model:	datamanagerpro	scope:	eq	version:	0	Trust: 0.3
vendor:	abb	model:	datamanagerpro	scope:	eq	version:	*	Trust: 0.2

sources: IVD: c527e41d-f965-4aff-bbf7-2c4b92c9b06e // ZDI: ZDI-16-479 // CNVD: CNVD-2016-06458 // BID: 92531

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI:	ZDI-16-479
value:	MEDIUM
Trust: 0.7
CNVD:	CNVD-2016-06458
value:	MEDIUM
Trust: 0.6
IVD:	c527e41d-f965-4aff-bbf7-2c4b92c9b06e
value:	MEDIUM
Trust: 0.2

ZDI:	ZDI-16-479
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:L/AC:L/AU:S/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.1
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.7
CNVD:	CNVD-2016-06458
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:L/AC:L/AU:S/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.1
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	c527e41d-f965-4aff-bbf7-2c4b92c9b06e
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:L/AC:L/AU:S/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.1
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

sources: IVD: c527e41d-f965-4aff-bbf7-2c4b92c9b06e // ZDI: ZDI-16-479 // CNVD: CNVD-2016-06458

THREAT TYPE

local

Trust: 0.9

sources: BID: 92531 // CNNVD: CNNVD-201608-387

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201608-387

EXTERNAL IDS

db:	ZDI	id:	ZDI-16-479	Trust: 1.6
db:	BID	id:	92531	Trust: 1.5
db:	CNVD	id:	CNVD-2016-06458	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-3500	Trust: 0.7
db:	CNNVD	id:	CNNVD-201608-387	Trust: 0.6
db:	IVD	id:	C527E41D-F965-4AFF-BBF7-2C4B92C9B06E	Trust: 0.2

sources: IVD: c527e41d-f965-4aff-bbf7-2c4b92c9b06e // ZDI: ZDI-16-479 // CNVD: CNVD-2016-06458 // BID: 92531 // CNNVD: CNNVD-201608-387

REFERENCES

url:	http://www.zerodayinitiative.com/advisories/zdi-16-479/	Trust: 0.9
url:	http://www.securityfocus.com/bid/92531	Trust: 0.6
url:	http://www.abb.com/	Trust: 0.3

sources: CNVD: CNVD-2016-06458 // BID: 92531 // CNNVD: CNNVD-201608-387

CREDITS

rgod

Trust: 0.7

sources: ZDI: ZDI-16-479

SOURCES

db:	IVD	id:	c527e41d-f965-4aff-bbf7-2c4b92c9b06e
db:	ZDI	id:	ZDI-16-479
db:	CNVD	id:	CNVD-2016-06458
db:	BID	id:	92531
db:	CNNVD	id:	CNNVD-201608-387

LAST UPDATE DATE

2022-05-17T02:08:05.424000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-16-479	date:	2016-08-17T00:00:00
db:	CNVD	id:	CNVD-2016-06458	date:	2016-08-20T00:00:00
db:	BID	id:	92531	date:	2016-08-17T00:00:00
db:	CNNVD	id:	CNNVD-201608-387	date:	2016-08-19T00:00:00

SOURCES RELEASE DATE

db:	IVD	id:	c527e41d-f965-4aff-bbf7-2c4b92c9b06e	date:	2016-08-20T00:00:00
db:	ZDI	id:	ZDI-16-479	date:	2016-08-17T00:00:00
db:	CNVD	id:	CNVD-2016-06458	date:	2016-08-20T00:00:00
db:	BID	id:	92531	date:	2016-08-17T00:00:00
db:	CNNVD	id:	CNNVD-201608-387	date:	2016-08-19T00:00:00