Details of VAR-201704-1422

ID

VAR-201704-1422

CVE

CVE-2017-7575

TITLE

Schneider Electric Modicon TM221CE16R Information Disclosure Vulnerability

Trust: 0.8

sources: IVD: b4542435-a636-4664-96b9-14ffd0dc876f // CNVD: CNVD-2017-05011

DESCRIPTION

Schneider Electric Modicon TM221CE16R 1.3.3.3 devices allow remote attackers to discover the application-protection password via a \x00\x01\x00\x00\x00\x05\x01\x5a\x00\x03\x00 request to the Modbus port (502/tcp). Subsequently the application may be arbitrarily downloaded, modified, and uploaded. Schneider Electric Modicon The device contains an information disclosure vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. The Schneider Electric Modicon TM221CE16R is a programmable controller from Schneider Electric, France. A security vulnerability exists in the Schneider Electric Modicon TM221CE16R version 1.3.3.3. Or upload an app. An attacker can exploit this issue to obtain potentially sensitive information. Information obtained may aid in further attacks. Schneider Modicon TM221CE16R firmware 1.3.3.3 is affected

Trust: 2.7

sources: NVD: CVE-2017-7575 // JVNDB: JVNDB-2017-003057 // CNVD: CNVD-2017-05011 // BID: 97523 // IVD: b4542435-a636-4664-96b9-14ffd0dc876f // VULHUB: VHN-115778

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: b4542435-a636-4664-96b9-14ffd0dc876f // CNVD: CNVD-2017-05011

AFFECTED PRODUCTS

vendor:	schneider electric	model:	modicon tm221ce16r	scope:	eq	version:	1.3.3.3	Trust: 1.9
vendor:	schneider electric	model:	modicon tm221ce16r	scope:	-	version:	-	Trust: 0.8
vendor:	schneider	model:	electric modicon tm221ce16r	scope:	eq	version:	1.3.3.3	Trust: 0.6
vendor:	schneider electric	model:	modicon m221	scope:	eq	version:	1.5.0.1	Trust: 0.3
vendor:	schneider electric	model:	modicon m221	scope:	eq	version:	1.5.0.0	Trust: 0.3
vendor:	modicon tm221ce16r	model:	-	scope:	eq	version:	1.3.3.3	Trust: 0.2

sources: IVD: b4542435-a636-4664-96b9-14ffd0dc876f // CNVD: CNVD-2017-05011 // BID: 97523 // JVNDB: JVNDB-2017-003057 // CNNVD: CNNVD-201704-272 // NVD: CVE-2017-7575

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-7575
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2017-7575
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2017-05011
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201704-272
value:	MEDIUM
Trust: 0.6
IVD:	b4542435-a636-4664-96b9-14ffd0dc876f
value:	MEDIUM
Trust: 0.2
VULHUB:	VHN-115778
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2017-7575
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2017-05011
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	b4542435-a636-4664-96b9-14ffd0dc876f
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-115778
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-7575
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: IVD: b4542435-a636-4664-96b9-14ffd0dc876f // CNVD: CNVD-2017-05011 // VULHUB: VHN-115778 // JVNDB: JVNDB-2017-003057 // CNNVD: CNNVD-201704-272 // NVD: CVE-2017-7575

PROBLEMTYPE DATA

problemtype:

CWE-200

Trust: 1.9

sources: VULHUB: VHN-115778 // JVNDB: JVNDB-2017-003057 // NVD: CVE-2017-7575

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201704-272

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201704-272

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-003057

PATCH

title:

SEVD-2017-097-02

url:

http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2017-097-02

Trust: 0.8

sources: JVNDB: JVNDB-2017-003057

EXTERNAL IDS

db:	NVD	id:	CVE-2017-7575	Trust: 3.6
db:	BID	id:	97523	Trust: 2.8
db:	SCHNEIDER	id:	SEVD-2017-097-02	Trust: 1.1
db:	ICS CERT	id:	ICSA-17-103-02	Trust: 1.1
db:	CNNVD	id:	CNNVD-201704-272	Trust: 0.9
db:	CNVD	id:	CNVD-2017-05011	Trust: 0.8
db:	JVNDB	id:	JVNDB-2017-003057	Trust: 0.8
db:	IVD	id:	B4542435-A636-4664-96B9-14FFD0DC876F	Trust: 0.2
db:	VULHUB	id:	VHN-115778	Trust: 0.1

sources: IVD: b4542435-a636-4664-96b9-14ffd0dc876f // CNVD: CNVD-2017-05011 // VULHUB: VHN-115778 // BID: 97523 // JVNDB: JVNDB-2017-003057 // CNNVD: CNNVD-201704-272 // NVD: CVE-2017-7575

REFERENCES

url:	https://os-s.net/advisories/oss-2017-01.pdf	Trust: 2.6
url:	http://www.securityfocus.com/bid/97523	Trust: 1.9
url:	http://download.schneider-electric.com/files?p_doc_ref=sevd-2017-097-02	Trust: 1.1
url:	https://ics-cert.us-cert.gov/advisories/icsa-17-103-02	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7575	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7575	Trust: 0.8
url:	www.controlmicrosystems.com	Trust: 0.3

sources: CNVD: CNVD-2017-05011 // VULHUB: VHN-115778 // BID: 97523 // JVNDB: JVNDB-2017-003057 // CNNVD: CNNVD-201704-272 // NVD: CVE-2017-7575

CREDITS

Simon Heming, Maik Brüggemann, Hendrik Schwartke, Ralf Spenneberg.

Trust: 0.3

sources: BID: 97523

SOURCES

db:	IVD	id:	b4542435-a636-4664-96b9-14ffd0dc876f
db:	CNVD	id:	CNVD-2017-05011
db:	VULHUB	id:	VHN-115778
db:	BID	id:	97523
db:	JVNDB	id:	JVNDB-2017-003057
db:	CNNVD	id:	CNNVD-201704-272
db:	NVD	id:	CVE-2017-7575

LAST UPDATE DATE

2025-04-20T23:05:06.342000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-05011	date:	2017-04-22T00:00:00
db:	VULHUB	id:	VHN-115778	date:	2017-04-15T00:00:00
db:	BID	id:	97523	date:	2017-04-18T00:07:00
db:	JVNDB	id:	JVNDB-2017-003057	date:	2017-05-12T00:00:00
db:	CNNVD	id:	CNNVD-201704-272	date:	2017-04-11T00:00:00
db:	NVD	id:	CVE-2017-7575	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	IVD	id:	b4542435-a636-4664-96b9-14ffd0dc876f	date:	2017-04-22T00:00:00
db:	CNVD	id:	CNVD-2017-05011	date:	2017-04-22T00:00:00
db:	VULHUB	id:	VHN-115778	date:	2017-04-06T00:00:00
db:	BID	id:	97523	date:	2017-04-06T00:00:00
db:	JVNDB	id:	JVNDB-2017-003057	date:	2017-05-12T00:00:00
db:	CNNVD	id:	CNNVD-201704-272	date:	2017-04-11T00:00:00
db:	NVD	id:	CVE-2017-7575	date:	2017-04-06T21:59:00.337