Details of VAR-201702-0074

ID

VAR-201702-0074

CVE

CVE-2016-8367

TITLE

plural Schneider Electric Magelis Target of product Web Vulnerability to open multiple connections to the server

Trust: 0.8

sources: JVNDB: JVNDB-2016-007994

DESCRIPTION

An issue was discovered in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all versions, Magelis XBT GH Advanced Hand-held Panels, all versions, Magelis XBT GK Advanced Touchscreen Panels with Keyboard, all versions, Magelis XBT GT Advanced Touchscreen Panels, all versions, and Magelis XBT GTW Advanced Open Touchscreen Panels (Windows XPe). An attacker can open multiple connections to a targeted web server and keep connections open preventing new connections from being made, rendering the web server unavailable during an attack. There are resource consumption vulnerabilities in several Schneider Electric products. An attacker exploiting a vulnerability can lead to resource exhaustion and restart, causing a denial of service attack. Attackers can exploit this issue to cause excessive resource consumption, resulting in a denial-of-service condition

Trust: 2.7

sources: NVD: CVE-2016-8367 // JVNDB: JVNDB-2016-007994 // CNVD: CNVD-2016-10625 // BID: 94093 // IVD: bc3cda95-7f34-4f84-b136-bedc75c028d8 // VULHUB: VHN-97187

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: bc3cda95-7f34-4f84-b136-bedc75c028d8 // CNVD: CNVD-2016-10625

AFFECTED PRODUCTS

vendor:	schneider electric	model:	magelis gtu universal panel	scope:	eq	version:	-	Trust: 2.4
vendor:	schneider electric	model:	magelis xbt gh advanced hand-held panel	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	magelis xbt gk advanced touchscreen panel with keyboard	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	magelis gto advanced optimum panel	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	magelis sto5 small panel	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	magelis xbt gt advanced touchscreen panel	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	magelis xbt gtw advanced open touchscreen panel	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	magelis stu small panel	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	magelis gto advanced optimum panels	scope:	eq	version:	-	Trust: 0.8
vendor:	schneider electric	model:	magelis sto5xx small panels	scope:	eq	version:	-	Trust: 0.8
vendor:	schneider electric	model:	magelis stu small panels	scope:	eq	version:	-	Trust: 0.8
vendor:	schneider electric	model:	magelis xbt gh advanced hand-held panels	scope:	eq	version:	-	Trust: 0.8
vendor:	schneider electric	model:	magelis xbt gk advanced touchscreen panels with keyboard	scope:	eq	version:	-	Trust: 0.8
vendor:	schneider electric	model:	magelis xbt gt advanced touchscreen panels	scope:	eq	version:	-	Trust: 0.8
vendor:	schneider electric	model:	magelis xbt gtw advanced open touchscreen panels	scope:	eq	version:	-	Trust: 0.8
vendor:	schneider	model:	electric magelis xbt gtw advanced open touchscreen panels	scope:	-	version:	-	Trust: 0.6
vendor:	schneider	model:	electric magelis xbt gt advanced touchscreen panels all	scope:	-	version:	-	Trust: 0.6
vendor:	schneider	model:	electric magelis xbt gk advanced touchscreen panels with keyboard all	scope:	-	version:	-	Trust: 0.6
vendor:	schneider	model:	electric magelis xbt gh advanced hand-held panel all	scope:	-	version:	-	Trust: 0.6
vendor:	schneider	model:	electric magelis sto & stu small panels all	scope:	-	version:	-	Trust: 0.6
vendor:	schneider	model:	electric magelis gtu universal panel all	scope:	-	version:	-	Trust: 0.6
vendor:	schneider	model:	electric magelis gto advanced optimum panels all	scope:	-	version:	-	Trust: 0.6
vendor:	schneider electric	model:	magelis xbt gtw	scope:	eq	version:	0	Trust: 0.3
vendor:	schneider electric	model:	magelis xbt gk	scope:	eq	version:	0	Trust: 0.3
vendor:	schneider electric	model:	magelis xbt gh	scope:	eq	version:	0	Trust: 0.3
vendor:	schneider electric	model:	magelis xbt gt	scope:	eq	version:	0	Trust: 0.3
vendor:	schneider electric	model:	magelis stu	scope:	eq	version:	0	Trust: 0.3
vendor:	schneider electric	model:	magelis sto	scope:	eq	version:	0	Trust: 0.3
vendor:	schneider electric	model:	magelis gtu	scope:	eq	version:	0	Trust: 0.3
vendor:	schneider electric	model:	magelis gto	scope:	eq	version:	0	Trust: 0.3
vendor:	magelis gtu universal panel	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	magelis gto advanced optimum panel	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	magelis sto5 small panel	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	magelis stu small panel	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	magelis xbt gh advanced hand held panel	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	magelis xbt gk advanced touchscreen panel with keyboard	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	magelis xbt gt advanced touchscreen panel	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	magelis xbt gtw advanced open touchscreen panel	model:	-	scope:	eq	version:	-	Trust: 0.2

sources: IVD: bc3cda95-7f34-4f84-b136-bedc75c028d8 // CNVD: CNVD-2016-10625 // BID: 94093 // JVNDB: JVNDB-2016-007994 // CNNVD: CNNVD-201610-908 // NVD: CVE-2016-8367

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-8367
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2016-8367
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2016-10625
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201610-908
value:	MEDIUM
Trust: 0.6
IVD:	bc3cda95-7f34-4f84-b136-bedc75c028d8
value:	MEDIUM
Trust: 0.2
VULHUB:	VHN-97187
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-8367
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
NVD:	CVE-2016-8367
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2016-10625
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	bc3cda95-7f34-4f84-b136-bedc75c028d8
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-97187
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-8367
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.1
Trust: 1.0
NVD:	CVE-2016-8367
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: IVD: bc3cda95-7f34-4f84-b136-bedc75c028d8 // CNVD: CNVD-2016-10625 // VULHUB: VHN-97187 // JVNDB: JVNDB-2016-007994 // CNNVD: CNNVD-201610-908 // NVD: CVE-2016-8367

PROBLEMTYPE DATA

problemtype:

CWE-400

Trust: 1.9

sources: VULHUB: VHN-97187 // JVNDB: JVNDB-2016-007994 // NVD: CVE-2016-8367

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201610-908

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201610-908

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-007994

PATCH

title:	Magelis HMI	url:	http://www.schneider-electric.com/b2b/en/products/product-launch/magelis-hmi/	Trust: 0.8
title:	Multiple Schneider Electric Product security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=180272	Trust: 0.6

sources: JVNDB: JVNDB-2016-007994 // CNNVD: CNNVD-201610-908

EXTERNAL IDS

db:	NVD	id:	CVE-2016-8367	Trust: 3.6
db:	ICS CERT	id:	ICSA-16-308-02	Trust: 2.8
db:	BID	id:	94093	Trust: 2.0
db:	CNNVD	id:	CNNVD-201610-908	Trust: 0.9
db:	SCHNEIDER	id:	SEVD-2016-302-01	Trust: 0.9
db:	CNVD	id:	CNVD-2016-10625	Trust: 0.8
db:	JVNDB	id:	JVNDB-2016-007994	Trust: 0.8
db:	IVD	id:	BC3CDA95-7F34-4F84-B136-BEDC75C028D8	Trust: 0.2
db:	VULHUB	id:	VHN-97187	Trust: 0.1

sources: IVD: bc3cda95-7f34-4f84-b136-bedc75c028d8 // CNVD: CNVD-2016-10625 // VULHUB: VHN-97187 // BID: 94093 // JVNDB: JVNDB-2016-007994 // CNNVD: CNNVD-201610-908 // NVD: CVE-2016-8367

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-16-308-02	Trust: 2.8
url:	http://www.securityfocus.com/bid/94093	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8367	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2016-8367	Trust: 0.8
url:	http://www.schneider-electric.com/ww/en/download/document/sevd-2016-302-01	Trust: 0.6
url:	http://www.critifence.com/sve/sve.php?id=82003201	Trust: 0.6
url:	www.controlmicrosystems.com	Trust: 0.3
url:	http://www.schneider-electric.com/en/download/document/sevd-2016-302-01/	Trust: 0.3

sources: CNVD: CNVD-2016-10625 // VULHUB: VHN-97187 // BID: 94093 // JVNDB: JVNDB-2016-007994 // CNNVD: CNNVD-201610-908 // NVD: CVE-2016-8367

CREDITS

Eran Goldstein, in collaboration with Check Point Software Technologies and CRITIFENCE.

Trust: 0.3

sources: BID: 94093

SOURCES

db:	IVD	id:	bc3cda95-7f34-4f84-b136-bedc75c028d8
db:	CNVD	id:	CNVD-2016-10625
db:	VULHUB	id:	VHN-97187
db:	BID	id:	94093
db:	JVNDB	id:	JVNDB-2016-007994
db:	CNNVD	id:	CNNVD-201610-908
db:	NVD	id:	CVE-2016-8367

LAST UPDATE DATE

2025-04-20T23:23:53.324000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-10625	date:	2016-11-04T00:00:00
db:	VULHUB	id:	VHN-97187	date:	2017-06-28T00:00:00
db:	BID	id:	94093	date:	2016-11-24T01:07:00
db:	JVNDB	id:	JVNDB-2016-007994	date:	2017-04-06T00:00:00
db:	CNNVD	id:	CNNVD-201610-908	date:	2022-02-07T00:00:00
db:	NVD	id:	CVE-2016-8367	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	IVD	id:	bc3cda95-7f34-4f84-b136-bedc75c028d8	date:	2016-11-04T00:00:00
db:	CNVD	id:	CNVD-2016-10625	date:	2016-11-04T00:00:00
db:	VULHUB	id:	VHN-97187	date:	2017-02-13T00:00:00
db:	BID	id:	94093	date:	2016-11-03T00:00:00
db:	JVNDB	id:	JVNDB-2016-007994	date:	2017-04-06T00:00:00
db:	CNNVD	id:	CNNVD-201610-908	date:	2016-11-02T00:00:00
db:	NVD	id:	CVE-2016-8367	date:	2017-02-13T21:59:01.143