Details of VAR-201609-0334

ID

VAR-201609-0334

CVE

CVE-2016-4526

TITLE

ABB DataManagerPro DLL Native code execution vulnerability

Trust: 0.8

sources: IVD: bdfe210a-e3a3-4a84-8115-984187198303 // CNVD: CNVD-2016-07742

DESCRIPTION

ABB DataManagerPro 1.x before 1.7.1 allows local users to gain privileges by replacing a DLL file in the package directory. ABB DataManagerPro Contains a privileged vulnerability. Supplementary information : CWE Vulnerability type by CWE-427: Uncontrolled Search Path Element ( Uncontrolled search path elements ) Has been identified. ABB DataManagerPro is a suite of data analysis software from ABB, Switzerland. The software automatically collects data via Ethernet and database management. ABB DataManagerPro is prone to a local arbitrary code-execution vulnerability because it fails to sanitize user-supplied input. A local attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. ABB DataManagerPro versions 1.0.0 through 1.7.0 are vulnerable

Trust: 2.61

sources: NVD: CVE-2016-4526 // JVNDB: JVNDB-2016-004812 // CNVD: CNVD-2016-07742 // BID: 92980 // IVD: bdfe210a-e3a3-4a84-8115-984187198303

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: bdfe210a-e3a3-4a84-8115-984187198303 // CNVD: CNVD-2016-07742

AFFECTED PRODUCTS

vendor:	trane	model:	tracer sc	scope:	lte	version:	4.2.1134	Trust: 1.0
vendor:	abb	model:	datamanagerpro	scope:	eq	version:	1.7.0	Trust: 0.9
vendor:	abb	model:	datamanagerpro	scope:	eq	version:	1.0.0	Trust: 0.9
vendor:	abb	model:	datamanagerpro	scope:	lt	version:	1.x	Trust: 0.8
vendor:	abb	model:	datamanagerpro	scope:	eq	version:	1.7.1	Trust: 0.8
vendor:	trane	model:	tracer sc	scope:	eq	version:	4.2.1134	Trust: 0.6
vendor:	abb	model:	datamanagerpro	scope:	ne	version:	1.7.1	Trust: 0.3
vendor:	tracer sc	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: bdfe210a-e3a3-4a84-8115-984187198303 // CNVD: CNVD-2016-07742 // BID: 92980 // JVNDB: JVNDB-2016-004812 // CNNVD: CNNVD-201609-339 // NVD: CVE-2016-4526

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-4526
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-4526
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2016-07742
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201609-339
value:	MEDIUM
Trust: 0.6
IVD:	bdfe210a-e3a3-4a84-8115-984187198303
value:	MEDIUM
Trust: 0.2

nvd@nist.gov:	CVE-2016-4526
severity:	MEDIUM
baseScore:	6.9
vectorString:	AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.4
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2016-07742
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	bdfe210a-e3a3-4a84-8115-984187198303
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

nvd@nist.gov:	CVE-2016-4526
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.8
impactScore:	6.0
version:	3.0
Trust: 1.8

sources: IVD: bdfe210a-e3a3-4a84-8115-984187198303 // CNVD: CNVD-2016-07742 // JVNDB: JVNDB-2016-004812 // CNNVD: CNNVD-201609-339 // NVD: CVE-2016-4526

PROBLEMTYPE DATA

problemtype:	CWE-427	Trust: 1.0
problemtype:	CWE-Other	Trust: 0.8

sources: JVNDB: JVNDB-2016-004812 // NVD: CVE-2016-4526

THREAT TYPE

local

Trust: 0.9

sources: BID: 92980 // CNNVD: CNNVD-201609-339

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201609-339

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-004812

PATCH

title:	089290	url:	https://library.e.abb.com/public/93e52dbfd6ab4f64aa435973ccf1b6e2/9ADB005557_ABB_SoftwareVulnerabilityHandlingAdvisory_DMPro.pdf	Trust: 0.8
title:	Patch for ABB DataManagerPro DLL native code execution vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/81525	Trust: 0.6
title:	ABB DataManagerPro Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=64139	Trust: 0.6

sources: CNVD: CNVD-2016-07742 // JVNDB: JVNDB-2016-004812 // CNNVD: CNNVD-201609-339

EXTERNAL IDS

db:	NVD	id:	CVE-2016-4526	Trust: 3.5
db:	ICS CERT	id:	ICSA-16-259-02	Trust: 3.3
db:	BID	id:	92980	Trust: 1.9
db:	CNVD	id:	CNVD-2016-07742	Trust: 0.8
db:	CNNVD	id:	CNNVD-201609-339	Trust: 0.8
db:	JVNDB	id:	JVNDB-2016-004812	Trust: 0.8
db:	IVD	id:	BDFE210A-E3A3-4A84-8115-984187198303	Trust: 0.2

sources: IVD: bdfe210a-e3a3-4a84-8115-984187198303 // CNVD: CNVD-2016-07742 // BID: 92980 // JVNDB: JVNDB-2016-004812 // CNNVD: CNNVD-201609-339 // NVD: CVE-2016-4526

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-16-259-02	Trust: 3.3
url:	https://library.e.abb.com/public/93e52dbfd6ab4f64aa435973ccf1b6e2/9adb005557_abb_softwarevulnerabilityhandlingadvisory_dmpro.pdf	Trust: 1.6
url:	http://www.securityfocus.com/bid/92980	Trust: 1.0
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4526	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4526	Trust: 0.8
url:	http://www.abb.com/	Trust: 0.3
url:	http://blog.rapid7.com/?p=5325	Trust: 0.3
url:	http://blog.metasploit.com/2010/08/exploiting-dll-hijacking-flaws.html	Trust: 0.3
url:	http://blogs.technet.com/b/srd/archive/2010/08/23/more-information-about-dll-preloading-remote-attack-vector.aspx	Trust: 0.3

sources: CNVD: CNVD-2016-07742 // BID: 92980 // JVNDB: JVNDB-2016-004812 // CNNVD: CNNVD-201609-339 // NVD: CVE-2016-4526

CREDITS

Andrea Micalizzi.

Trust: 0.3

sources: BID: 92980

SOURCES

db:	IVD	id:	bdfe210a-e3a3-4a84-8115-984187198303
db:	CNVD	id:	CNVD-2016-07742
db:	BID	id:	92980
db:	JVNDB	id:	JVNDB-2016-004812
db:	CNNVD	id:	CNNVD-201609-339
db:	NVD	id:	CVE-2016-4526

LAST UPDATE DATE

2025-04-13T23:35:03.511000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-07742	date:	2016-09-20T00:00:00
db:	BID	id:	92980	date:	2016-09-16T00:00:00
db:	JVNDB	id:	JVNDB-2016-004812	date:	2016-09-26T00:00:00
db:	CNNVD	id:	CNNVD-201609-339	date:	2016-09-19T00:00:00
db:	NVD	id:	CVE-2016-4526	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	IVD	id:	bdfe210a-e3a3-4a84-8115-984187198303	date:	2016-09-20T00:00:00
db:	CNVD	id:	CNVD-2016-07742	date:	2016-09-20T00:00:00
db:	BID	id:	92980	date:	2016-09-16T00:00:00
db:	JVNDB	id:	JVNDB-2016-004812	date:	2016-09-26T00:00:00
db:	CNNVD	id:	CNNVD-201609-339	date:	2016-09-19T00:00:00
db:	NVD	id:	CVE-2016-4526	date:	2016-09-19T01:59:02.790