ID

VAR-201702-1073


CVE

CVE-2016-8377


TITLE

PLC WinProladder Stack Buffer Overflow Vulnerability

Trust: 0.8

sources: IVD: 0e3d54fc-9c96-4a19-b308-f030b1714e2a // CNVD: CNVD-2016-13112

DESCRIPTION

An issue was discovered in Fatek Automation PLC WinProladder Version 3.11 Build 14701. A stack-based buffer overflow vulnerability exists when the software application connects to a malicious server, resulting in a stack buffer overflow. This causes an exploitable Structured Exception Handler (SEH) overwrite condition that may allow remote code execution. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PLC configuration data from a network source. The process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute arbitrary code under the context of the user. WinProladder is a free PLC programming software. Failed exploit attempts will likely cause a denial-of-service condition. Fatek Automation PLC WinProladder is a set of programmable logic controller software from Fatek Automation.

Trust: 3.33

sources: NVD: CVE-2016-8377 // JVNDB: JVNDB-2016-007850 // ZDI: ZDI-16-672 // CNVD: CNVD-2016-13112 // BID: 94938 // IVD: 0e3d54fc-9c96-4a19-b308-f030b1714e2a // VULHUB: VHN-97197

IOT TAXONOMY

category: ['ICS'], sub_category: -

Trust: 0.8

sources: IVD: 0e3d54fc-9c96-4a19-b308-f030b1714e2a // CNVD: CNVD-2016-13112

AFFECTED PRODUCTS

vendor: fatek automation, model: plc winproladder, scope: -, version: -

Trust: 1.5

vendor: fatek, model: plc winproladder, scope: eq, version: 3.11

Trust: 1.0

vendor: fatek, model: automation plc winproladder build, scope: eq, version: 3.1114701

Trust: 0.9

vendor: fatek automation, model: plc winproladder, scope: eq, version: 3.11 build 14701

Trust: 0.8

vendor: fatek automation, model: plc winproladder, scope: eq, version: 3.11

Trust: 0.6

vendor: plc winproladder, model: -, scope: eq, version: 3.11

Trust: 0.2

sources: IVD: 0e3d54fc-9c96-4a19-b308-f030b1714e2a // ZDI: ZDI-16-672 // CNVD: CNVD-2016-13112 // BID: 94938 // JVNDB: JVNDB-2016-007850 // CNNVD: CNNVD-201612-581 // NVD: CVE-2016-8377

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-8377
value: HIGH

Trust: 1.0

NVD: CVE-2016-8377
value: HIGH

Trust: 0.8

ZDI: CVE-2016-8377
value: MEDIUM

Trust: 0.7

CNVD: CNVD-2016-13112
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201612-581
value: HIGH

Trust: 0.6

IVD: 0e3d54fc-9c96-4a19-b308-f030b1714e2a
value: MEDIUM

Trust: 0.2

VULHUB: VHN-97197
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-8377
severity: MEDIUM
baseScore: 6.0
vectorString: AV:N/AC:M/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 6.8
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

ZDI: CVE-2016-8377
severity: MEDIUM
baseScore: 6.5
vectorString: AV:L/AC:L/AU:M/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: MULTIPLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 2.5
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.7

CNVD: CNVD-2016-13112
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 0e3d54fc-9c96-4a19-b308-f030b1714e2a
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-97197
severity: MEDIUM
baseScore: 6.0
vectorString: AV:N/AC:M/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 6.8
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-8377
baseSeverity: HIGH
baseScore: 8.0
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.1
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2016-8377
baseSeverity: HIGH
baseScore: 8.0
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: IVD: 0e3d54fc-9c96-4a19-b308-f030b1714e2a // ZDI: ZDI-16-672 // CNVD: CNVD-2016-13112 // VULHUB: VHN-97197 // JVNDB: JVNDB-2016-007850 // CNNVD: CNNVD-201612-581 // NVD: CVE-2016-8377

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-97197 // JVNDB: JVNDB-2016-007850 // NVD: CVE-2016-8377

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201612-581

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201612-581

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-007850

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-97197

PATCH

title: Top Page
url: http://www.fatek.com/en/

Trust: 0.8

title: Fatek Automation has issued an update to correct this vulnerability.
url: https://ics-cert.us-cert.gov/advisories/ICSA-16-350-01

Trust: 0.7

sources: ZDI: ZDI-16-672 // JVNDB: JVNDB-2016-007850

EXTERNAL IDS

db: NVD, id: CVE-2016-8377

Trust: 4.3

db: ICS CERT, id: ICSA-16-350-01

Trust: 2.8

db: BID, id: 94938

Trust: 2.6

db: EXPLOIT-DB, id: 42700

Trust: 1.7

db: ZDI, id: ZDI-16-672

Trust: 1.0

db: CNNVD, id: CNNVD-201612-581

Trust: 0.9

db: CNVD, id: CNVD-2016-13112

Trust: 0.8

db: JVNDB, id: JVNDB-2016-007850

Trust: 0.8

db: ZDI_CAN, id: ZDI-CAN-3705

Trust: 0.7

db: IVD, id: 0E3D54FC-9C96-4A19-B308-F030B1714E2A

Trust: 0.2

db: PACKETSTORM, id: 144151

Trust: 0.1

db: VULHUB, id: VHN-97197

Trust: 0.1

sources: IVD: 0e3d54fc-9c96-4a19-b308-f030b1714e2a // ZDI: ZDI-16-672 // CNVD: CNVD-2016-13112 // VULHUB: VHN-97197 // BID: 94938 // JVNDB: JVNDB-2016-007850 // CNNVD: CNNVD-201612-581 // NVD: CVE-2016-8377

REFERENCES

url: https://ics-cert.us-cert.gov/advisories/icsa-16-350-01

Trust: 3.5

url: http://www.securityfocus.com/bid/94938

Trust: 2.9

url: https://www.exploit-db.com/exploits/42700/

Trust: 1.7

url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8377

Trust: 0.8

url: http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-8377

Trust: 0.8

url: http://www.fatek.com/en/

Trust: 0.3

url: http://www.zerodayinitiative.com/advisories/zdi-16-672/

Trust: 0.3

sources: ZDI: ZDI-16-672 // CNVD: CNVD-2016-13112 // VULHUB: VHN-97197 // BID: 94938 // JVNDB: JVNDB-2016-007850 // CNNVD: CNNVD-201612-581 // NVD: CVE-2016-8377

CREDITS

Anonymous

Trust: 1.0

sources: ZDI: ZDI-16-672 // BID: 94938

SOURCES

db: IVD, id: 0e3d54fc-9c96-4a19-b308-f030b1714e2a
db: ZDI, id: ZDI-16-672
db: CNVD, id: CNVD-2016-13112
db: VULHUB, id: VHN-97197
db: BID, id: 94938
db: JVNDB, id: JVNDB-2016-007850
db: CNNVD, id: CNNVD-201612-581
db: NVD, id: CVE-2016-8377

LAST UPDATE DATE

2025-04-20T23:35:56.023000+00:00


SOURCES UPDATE DATE

db: ZDI, id: ZDI-16-672, date: 2016-12-15T00:00:00
db: CNVD, id: CNVD-2016-13112, date: 2016-12-27T00:00:00
db: VULHUB, id: VHN-97197, date: 2017-09-16T00:00:00
db: BID, id: 94938, date: 2017-05-02T05:06:00
db: JVNDB, id: JVNDB-2016-007850, date: 2017-03-24T00:00:00
db: CNNVD, id: CNNVD-201612-581, date: 2021-11-01T00:00:00
db: NVD, id: CVE-2016-8377, date: 2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db: IVD, id: 0e3d54fc-9c96-4a19-b308-f030b1714e2a, date: 2016-12-27T00:00:00
db: ZDI, id: ZDI-16-672, date: 2016-12-15T00:00:00
db: CNVD, id: CNVD-2016-13112, date: 2016-12-27T00:00:00
db: VULHUB, id: VHN-97197, date: 2017-02-13T00:00:00
db: BID, id: 94938, date: 2016-12-15T00:00:00
db: JVNDB, id: JVNDB-2016-007850, date: 2017-03-24T00:00:00
db: CNNVD, id: CNNVD-201612-581, date: 2016-12-19T00:00:00
db: NVD, id: CVE-2016-8377, date: 2017-02-13T21:59:01.347