ID

VAR-201705-3258


CVE

CVE-2017-5177


TITLE

VIPA Controls WinPLC7 Buffer error vulnerability

Trust: 1.4

sources: JVNDB: JVNDB-2017-004107 // CNNVD: CNNVD-201702-837

DESCRIPTION

A stack buffer overflow issue was discovered in VIPA Controls WinPLC7 5.0.45.5921 and prior. A stack-based buffer overflow vulnerability has been identified, where an attacker with a specially crafted packet could overflow the fixed-length buffer. This could allow remote code execution.

VIPA Controls WinPLC7 contains a buffer error vulnerability. The service may be put into a denial-of-service (DoS) state.

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of VIPA Automation WinPLC7. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of TCP packets. The software fails to validate the length field within the packet before copying it to a stack buffer. An attacker can leverage this vulnerability to execute code in the context of the process.

WinPLC is a free set of applications for controlling the Velleman K8000 (Computer Interface Board). VIPA Controls WinPLC7 is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Successfully exploiting this issue allows remote attackers to crash the affected application, denying service to legitimate users. WinPLC7 5.0.45.5921 and prior versions are vulnerable.

Trust: 3.33

sources: NVD: CVE-2017-5177 // JVNDB: JVNDB-2017-004107 // ZDI: ZDI-17-112 // CNVD: CNVD-2017-02586 // BID: 96413 // IVD: c38d09e7-e6f9-42da-805a-ba2f1a8c2f6a // VULHUB: VHN-113380

IOT TAXONOMY

category: ['ICS'], sub_category: -

Trust: 0.8

sources: IVD: c38d09e7-e6f9-42da-805a-ba2f1a8c2f6a // CNVD: CNVD-2017-02586

AFFECTED PRODUCTS

vendor: vipa controls, model: winplc7, scope: lte, version: 5.0.45.5921

Trust: 1.8

vendor: vipa, model: automation winplc7, scope: -, version: -

Trust: 0.7

vendor: vipa, model: controls winplc7, scope: lte, version: <=5.0.45.5921

Trust: 0.6

vendor: vipa controls, model: winplc7, scope: eq, version: 5.0.45.5921

Trust: 0.6

vendor: winplc7, model: -, scope: eq, version: *

Trust: 0.2

sources: IVD: c38d09e7-e6f9-42da-805a-ba2f1a8c2f6a // ZDI: ZDI-17-112 // CNVD: CNVD-2017-02586 // JVNDB: JVNDB-2017-004107 // CNNVD: CNNVD-201702-837 // NVD: CVE-2017-5177

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-5177
value: HIGH

Trust: 1.0

NVD: CVE-2017-5177
value: HIGH

Trust: 0.8

ZDI: CVE-2017-5177
value: MEDIUM

Trust: 0.7

CNVD: CNVD-2017-02586
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201702-837
value: MEDIUM

Trust: 0.6

IVD: c38d09e7-e6f9-42da-805a-ba2f1a8c2f6a
value: MEDIUM

Trust: 0.2

VULHUB: VHN-113380
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-5177
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

ZDI: CVE-2017-5177
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.7

CNVD: CNVD-2017-02586
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: c38d09e7-e6f9-42da-805a-ba2f1a8c2f6a
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-113380
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-5177
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: IVD: c38d09e7-e6f9-42da-805a-ba2f1a8c2f6a // ZDI: ZDI-17-112 // CNVD: CNVD-2017-02586 // VULHUB: VHN-113380 // JVNDB: JVNDB-2017-004107 // CNNVD: CNNVD-201702-837 // NVD: CVE-2017-5177

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

problemtype:CWE-121

Trust: 1.0

sources: VULHUB: VHN-113380 // JVNDB: JVNDB-2017-004107 // NVD: CVE-2017-5177

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201702-837

TYPE

Buffer overflow

Trust: 0.8

sources: IVD: c38d09e7-e6f9-42da-805a-ba2f1a8c2f6a // CNNVD: CNNVD-201702-837

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-004107

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-113380

PATCH

title: Top Page
url: http://www.vipa.com/home/

Trust: 0.8

title: VIPA has issued an update to correct this vulnerability.
url: https://ics-cert.us-cert.gov/advisories/ICSA-17-054-01

Trust: 0.7

title: Patch for WinPLC Stack Buffer Overflow Vulnerability
url: https://www.cnvd.org.cn/patchInfo/show/90359

Trust: 0.6

title: WinPLC Buffer error vulnerability fix
url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=68092

Trust: 0.6

sources: ZDI: ZDI-17-112 // CNVD: CNVD-2017-02586 // JVNDB: JVNDB-2017-004107 // CNNVD: CNNVD-201702-837

EXTERNAL IDS

db: NVD, id: CVE-2017-5177

Trust: 4.3

db: ICS CERT, id: ICSA-17-054-01

Trust: 3.1

db: BID, id: 96413

Trust: 1.4

db: EXPLOIT-DB, id: 42693

Trust: 1.1

db: CNNVD, id: CNNVD-201702-837

Trust: 0.9

db: CNVD, id: CNVD-2017-02586

Trust: 0.8

db: JVNDB, id: JVNDB-2017-004107

Trust: 0.8

db: ZDI_CAN, id: ZDI-CAN-3721

Trust: 0.7

db: ZDI, id: ZDI-17-112

Trust: 0.7

db: IVD, id: C38D09E7-E6F9-42DA-805A-BA2F1A8C2F6A

Trust: 0.2

db: PACKETSTORM, id: 144168

Trust: 0.1

db: VULHUB, id: VHN-113380

Trust: 0.1

sources: IVD: c38d09e7-e6f9-42da-805a-ba2f1a8c2f6a // ZDI: ZDI-17-112 // CNVD: CNVD-2017-02586 // VULHUB: VHN-113380 // BID: 96413 // JVNDB: JVNDB-2017-004107 // CNNVD: CNNVD-201702-837 // NVD: CVE-2017-5177

REFERENCES

url:https://ics-cert.us-cert.gov/advisories/icsa-17-054-01

Trust: 3.8

url:http://www.securityfocus.com/bid/96413

Trust: 1.1

url:https://www.exploit-db.com/exploits/42693/

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5177

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2017-5177

Trust: 0.8

sources: ZDI: ZDI-17-112 // CNVD: CNVD-2017-02586 // VULHUB: VHN-113380 // JVNDB: JVNDB-2017-004107 // CNNVD: CNNVD-201702-837 // NVD: CVE-2017-5177

CREDITS

Ariele Caltabiano (kimiya)

Trust: 0.7

sources: ZDI: ZDI-17-112

SOURCES

db: IVD, id: c38d09e7-e6f9-42da-805a-ba2f1a8c2f6a
db: ZDI, id: ZDI-17-112
db: CNVD, id: CNVD-2017-02586
db: VULHUB, id: VHN-113380
db: BID, id: 96413
db: JVNDB, id: JVNDB-2017-004107
db: CNNVD, id: CNNVD-201702-837
db: NVD, id: CVE-2017-5177

LAST UPDATE DATE

2025-04-20T23:13:07.476000+00:00


SOURCES UPDATE DATE

db: ZDI, id: ZDI-17-112, date: 2017-02-28T00:00:00
db: CNVD, id: CNVD-2017-02586, date: 2017-03-10T00:00:00
db: VULHUB, id: VHN-113380, date: 2017-09-16T00:00:00
db: BID, id: 96413, date: 2017-03-07T03:09:00
db: JVNDB, id: JVNDB-2017-004107, date: 2017-06-16T00:00:00
db: CNNVD, id: CNNVD-201702-837, date: 2017-05-19T00:00:00
db: NVD, id: CVE-2017-5177, date: 2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db: IVD, id: c38d09e7-e6f9-42da-805a-ba2f1a8c2f6a, date: 2017-03-10T00:00:00
db: ZDI, id: ZDI-17-112, date: 2017-02-28T00:00:00
db: CNVD, id: CNVD-2017-02586, date: 2017-03-10T00:00:00
db: VULHUB, id: VHN-113380, date: 2017-05-19T00:00:00
db: BID, id: 96413, date: 2017-02-23T00:00:00
db: JVNDB, id: JVNDB-2017-004107, date: 2017-06-16T00:00:00
db: CNNVD, id: CNNVD-201702-837, date: 2017-02-27T00:00:00
db: NVD, id: CVE-2017-5177, date: 2017-05-19T03:29:00.353