ID

VAR-201703-1368


CVE

CVE-2017-6023


TITLE

Fatek Automation PLC Ethernet Module Stack Buffer Overflow Vulnerability

Trust: 0.8

sources: IVD: 67382430-e896-4ad0-9272-f55e1fb83a21 // CNVD: CNVD-2017-05066

DESCRIPTION

An issue was discovered in Fatek Automation PLC Ethernet Module. The affected Ether_cfg software configuration tool runs on the following Fatek PLCs: CBEH versions prior to V3.6 Build 170215, CBE versions prior to V3.6 Build 170215, CM55E versions prior to V3.6 Build 170215, and CM25E versions prior to V3.6 Build 170215. A stack-based buffer overflow vulnerability has been identified, which may allow remote code execution or crash the affected device. The Ether_cfg software configuration tool, which works with multiple Fatek Automation PLC Ethernet Modules, contains a buffer error vulnerability. An attacker may be able to obtain information, alter information, or disrupt service operation (DoS). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ether_cfg.exe. The issue lies in the failure to properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute arbitrary code under the context of the process. Failed attempts will likely cause a denial-of-service condition.

Trust: 3.33

sources: NVD: CVE-2017-6023 // JVNDB: JVNDB-2017-002740 // ZDI: ZDI-17-465 // CNVD: CNVD-2017-05066 // BID: 96892 // IVD: 67382430-e896-4ad0-9272-f55e1fb83a21 // VULHUB: VHN-114226

IOT TAXONOMY

category: ['ICS'], sub_category: -

Trust: 0.8

sources: IVD: 67382430-e896-4ad0-9272-f55e1fb83a21 // CNVD: CNVD-2017-05066

AFFECTED PRODUCTS

vendor: fatek, model: ethernet module configuration tool cbeh, scope: lte, version: 3.5

Trust: 1.0

vendor: fatek, model: ethernet module configuration tool cbe, scope: lte, version: 3.5

Trust: 1.0

vendor: fatek, model: ethernet module configuration tool cm25e, scope: lte, version: 3.5

Trust: 1.0

vendor: fatek, model: ethernet module configuration tool cm55e, scope: lte, version: 3.5

Trust: 1.0

vendor: fatek, model: automation plc ethernet module cm55e, scope: eq, version: 0

Trust: 0.9

vendor: fatek, model: automation plc ethernet module cbe, scope: eq, version: 0

Trust: 0.9

vendor: fatek, model: automation plc ethernet module cbeh, scope: eq, version: 0

Trust: 0.9

vendor: fatek, model: automation plc ethernet module cm25e, scope: eq, version: 0

Trust: 0.9

vendor: fatek automation, model: plc ethernet module cbe, scope: lt, version: 3.6 build 170215

Trust: 0.8

vendor: fatek automation, model: plc ethernet module cbeh, scope: lt, version: 3.6 build 170215

Trust: 0.8

vendor: fatek automation, model: plc ethernet module cm25e, scope: lt, version: 3.6 build 170215

Trust: 0.8

vendor: fatek automation, model: plc ethernet module cm55e, scope: lt, version: 3.6 build 170215

Trust: 0.8

vendor: fatek automation, model: plc ethernet module configuration tool, scope: -, version: -

Trust: 0.7

vendor: fatek automation, model: ethernet module configuration tool cbe, scope: eq, version: 3.5

Trust: 0.6

vendor: fatek automation, model: ethernet module configuration tool cm55e, scope: eq, version: 3.5

Trust: 0.6

vendor: fatek automation, model: ethernet module configuration tool cbeh, scope: eq, version: 3.5

Trust: 0.6

vendor: fatek automation, model: ethernet module configuration tool cm25e, scope: eq, version: 3.5

Trust: 0.6

vendor: fatek, model: automation plc ethernet module cm55e build, scope: ne, version: 3.6170215

Trust: 0.3

vendor: fatek, model: automation plc ethernet module cm25e build, scope: ne, version: 3.6170215

Trust: 0.3

vendor: fatek, model: automation plc ethernet module cbeh build, scope: ne, version: 3.6170215

Trust: 0.3

vendor: fatek, model: automation plc ethernet module cbe build, scope: ne, version: 3.6170215

Trust: 0.3

vendor: ethernet module configuration tool cbe, model: -, scope: eq, version: *

Trust: 0.2

vendor: ethernet module configuration tool cbeh, model: -, scope: eq, version: *

Trust: 0.2

vendor: ethernet module configuration tool cm25e, model: -, scope: eq, version: *

Trust: 0.2

vendor: ethernet module configuration tool cm55e, model: -, scope: eq, version: *

Trust: 0.2

sources: IVD: 67382430-e896-4ad0-9272-f55e1fb83a21 // ZDI: ZDI-17-465 // CNVD: CNVD-2017-05066 // BID: 96892 // JVNDB: JVNDB-2017-002740 // CNNVD: CNNVD-201702-589 // NVD: CVE-2017-6023

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-6023
value: CRITICAL

Trust: 1.0

NVD: CVE-2017-6023
value: CRITICAL

Trust: 0.8

ZDI: CVE-2017-6023
value: MEDIUM

Trust: 0.7

CNVD: CNVD-2017-05066
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201702-589
value: CRITICAL

Trust: 0.6

IVD: 67382430-e896-4ad0-9272-f55e1fb83a21
value: CRITICAL

Trust: 0.2

VULHUB: VHN-114226
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2017-6023
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 8.5
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

ZDI: CVE-2017-6023
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.7

CNVD: CNVD-2017-05066
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 8.5
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 67382430-e896-4ad0-9272-f55e1fb83a21
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 8.5
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-114226
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 8.5
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-6023
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2017-6023
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: IVD: 67382430-e896-4ad0-9272-f55e1fb83a21 // ZDI: ZDI-17-465 // CNVD: CNVD-2017-05066 // VULHUB: VHN-114226 // JVNDB: JVNDB-2017-002740 // CNNVD: CNNVD-201702-589 // NVD: CVE-2017-6023

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

problemtype:CWE-121

Trust: 1.0

sources: VULHUB: VHN-114226 // JVNDB: JVNDB-2017-002740 // NVD: CVE-2017-6023

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201702-589

TYPE

Buffer error

Trust: 0.8

sources: IVD: 67382430-e896-4ad0-9272-f55e1fb83a21 // CNNVD: CNNVD-201702-589

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-002740

PATCH

title: Top Page, url: http://www.fatek.com/en/

Trust: 0.8

title: Fatek Automation has issued an update to correct this vulnerability., url: https://ics-cert.us-cert.gov/advisories/ICSA-17-073-01

Trust: 0.7

title: Patch for Fatek Automation PLC Ethernet Module Stack Buffer Overflow Vulnerability, url: https://www.cnvd.org.cn/patchInfo/show/92381

Trust: 0.6

title: Multiple Fatek Automation PLC Product Buffer Error Vulnerability Fix, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=99645

Trust: 0.6

sources: ZDI: ZDI-17-465 // CNVD: CNVD-2017-05066 // JVNDB: JVNDB-2017-002740 // CNNVD: CNNVD-201702-589

EXTERNAL IDS

db: NVD, id: CVE-2017-6023

Trust: 4.3

db: ICS CERT, id: ICSA-17-073-01

Trust: 2.8

db: BID, id: 96892

Trust: 2.6

db: CNNVD, id: CNNVD-201702-589

Trust: 0.9

db: CNVD, id: CNVD-2017-05066

Trust: 0.8

db: JVNDB, id: JVNDB-2017-002740

Trust: 0.8

db: ZDI_CAN, id: ZDI-CAN-3706

Trust: 0.7

db: ZDI, id: ZDI-17-465

Trust: 0.7

db: IVD, id: 67382430-E896-4AD0-9272-F55E1FB83A21

Trust: 0.2

db: VULHUB, id: VHN-114226

Trust: 0.1

sources: IVD: 67382430-e896-4ad0-9272-f55e1fb83a21 // ZDI: ZDI-17-465 // CNVD: CNVD-2017-05066 // VULHUB: VHN-114226 // BID: 96892 // JVNDB: JVNDB-2017-002740 // CNNVD: CNNVD-201702-589 // NVD: CVE-2017-6023

REFERENCES

url:https://ics-cert.us-cert.gov/advisories/icsa-17-073-01

Trust: 3.5

url:http://www.securityfocus.com/bid/96892

Trust: 2.9

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6023

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2017-6023

Trust: 0.8

url:http://www.fatek.com/en/

Trust: 0.3

sources: ZDI: ZDI-17-465 // CNVD: CNVD-2017-05066 // VULHUB: VHN-114226 // BID: 96892 // JVNDB: JVNDB-2017-002740 // CNNVD: CNNVD-201702-589 // NVD: CVE-2017-6023

CREDITS

Anonymous

Trust: 0.7

sources: ZDI: ZDI-17-465

SOURCES

db: IVD, id: 67382430-e896-4ad0-9272-f55e1fb83a21
db: ZDI, id: ZDI-17-465
db: CNVD, id: CNVD-2017-05066
db: VULHUB, id: VHN-114226
db: BID, id: 96892
db: JVNDB, id: JVNDB-2017-002740
db: CNNVD, id: CNNVD-201702-589
db: NVD, id: CVE-2017-6023

LAST UPDATE DATE

2025-04-20T23:22:25.141000+00:00


SOURCES UPDATE DATE

db: ZDI, id: ZDI-17-465, date: 2017-07-11T00:00:00
db: CNVD, id: CNVD-2017-05066, date: 2017-04-22T00:00:00
db: VULHUB, id: VHN-114226, date: 2019-10-09T00:00:00
db: BID, id: 96892, date: 2017-03-16T01:02:00
db: JVNDB, id: JVNDB-2017-002740, date: 2017-04-26T00:00:00
db: CNNVD, id: CNNVD-201702-589, date: 2021-11-01T00:00:00
db: NVD, id: CVE-2017-6023, date: 2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db: IVD, id: 67382430-e896-4ad0-9272-f55e1fb83a21, date: 2017-04-22T00:00:00
db: ZDI, id: ZDI-17-465, date: 2017-07-11T00:00:00
db: CNVD, id: CNVD-2017-05066, date: 2017-04-14T00:00:00
db: VULHUB, id: VHN-114226, date: 2017-03-16T00:00:00
db: BID, id: 96892, date: 2017-03-14T00:00:00
db: JVNDB, id: JVNDB-2017-002740, date: 2017-04-26T00:00:00
db: CNNVD, id: CNNVD-201702-589, date: 2017-02-17T00:00:00
db: NVD, id: CVE-2017-6023, date: 2017-03-16T04:59:00.153