Details of VAR-201609-0602

ID

VAR-201609-0602

TITLE

Schneider PLC 67160 IP Fragmentation Syntax Denial of Service Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2016-07839

DESCRIPTION

Schneider PLC is a hot standby system. Schneider PLC 67160 IP fragmentation syntax has a denial of service vulnerability. The cause of this vulnerability is that the illegal data frames of these IP fragments cannot be properly processed and discarded, resulting in system buffer overflow and equipment downtime

Trust: 0.72

sources: CNVD: CNVD-2016-07839 // IVD: 06ffe612-a770-4210-b95d-2055cf3676f5

IOT TAXONOMY

category:	['ICS', 'Network device']	sub_category:	-	Trust: 0.6
category:	['ICS']	sub_category:	-	Trust: 0.2

sources: IVD: 06ffe612-a770-4210-b95d-2055cf3676f5 // CNVD: CNVD-2016-07839

AFFECTED PRODUCTS

vendor:	schneider	model:	electric plc	scope:	eq	version:	67160	Trust: 0.6
vendor:	schneider	model:	electric plc	scope:	eq	version:	)67160	Trust: 0.2

sources: IVD: 06ffe612-a770-4210-b95d-2055cf3676f5 // CNVD: CNVD-2016-07839

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2016-07839
value:	HIGH
Trust: 0.6
IVD:	06ffe612-a770-4210-b95d-2055cf3676f5
value:	HIGH
Trust: 0.2

CNVD:	CNVD-2016-07839
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	06ffe612-a770-4210-b95d-2055cf3676f5
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

sources: IVD: 06ffe612-a770-4210-b95d-2055cf3676f5 // CNVD: CNVD-2016-07839

TYPE

Denial of service

Trust: 0.2

sources: IVD: 06ffe612-a770-4210-b95d-2055cf3676f5

EXTERNAL IDS

db:	CNVD	id:	CNVD-2016-07839	Trust: 0.8
db:	IVD	id:	06FFE612-A770-4210-B95D-2055CF3676F5	Trust: 0.2

sources: IVD: 06ffe612-a770-4210-b95d-2055cf3676f5 // CNVD: CNVD-2016-07839

SOURCES

db:	IVD	id:	06ffe612-a770-4210-b95d-2055cf3676f5
db:	CNVD	id:	CNVD-2016-07839

LAST UPDATE DATE

2022-05-17T01:52:38.285000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2016-07839

date:

2016-12-23T00:00:00

SOURCES RELEASE DATE

db:	IVD	id:	06ffe612-a770-4210-b95d-2055cf3676f5	date:	2016-09-22T00:00:00
db:	CNVD	id:	CNVD-2016-07839	date:	2016-10-31T00:00:00