Sign-up

ID

VAR-201705-3750


CVE

CVE-2017-7967


TITLE

Schneider Electric VAMPSET Local Memory Corruption Vulnerability

Trust: 1.1

sources: IVD: 753ccabe-b440-4a3a-a6ad-9bb292467d05 // CNVD: CNVD-2017-05641 // BID: 97124

DESCRIPTION

All versions of VAMPSET software produced by Schneider Electric, prior to V2.2.189, are susceptible to a memory corruption vulnerability when a corrupted vf2 file is used. This vulnerability causes the software to halt or not start when trying to open the corrupted file. This vulnerability occurs when fill settings are intentionally malformed and is opened in a standalone state, without connection to a protection relay. This attack is not considered to be remotely exploitable. This vulnerability has no effect on the operation of the protection relay to which VAMPSET is connected. As Windows operating system remains operational and VAMPSET responds, it is able to be shut down through its normal closing protocol. Schneider Electric VAMPSET Software contains a buffer error vulnerability.Denial of service (DoS) May be in a state. Schneider Electric VAMPSET is a software company from Schneider Electric, France, deployed in the energy industry to configure and maintain multiple relays and arc monitors. An attacker could exploit this vulnerability to execute arbitrary code in the context of the user running the affected application. Lead to a denial of service condition. Failed exploit attempts will likely cause denial-of-service conditions

Trust: 3.42

sources: NVD: CVE-2017-7967 // JVNDB: JVNDB-2017-003998 // CNVD: CNVD-2017-06423 // CNVD: CNVD-2017-05641 // BID: 97124 // IVD: 89ad9c93-eb8e-463a-8758-eb5258ca9069 // IVD: 753ccabe-b440-4a3a-a6ad-9bb292467d05 // VULHUB: VHN-116170

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 1.6

sources: IVD: 89ad9c93-eb8e-463a-8758-eb5258ca9069 // IVD: 753ccabe-b440-4a3a-a6ad-9bb292467d05 // CNVD: CNVD-2017-06423 // CNVD: CNVD-2017-05641

AFFECTED PRODUCTS

vendor:schneider electricmodel:vampsetscope:lteversion:2.2.185

Trust: 1.0

vendor:schneider electricmodel:vampsetscope:ltversion:2.2.189

Trust: 0.8

vendor:schneidermodel:electric vampsetscope:eqversion:v2.2.189

Trust: 0.6

vendor:schneidermodel:electric vampsetscope:eqversion:2.2.145

Trust: 0.6

vendor:schneidermodel:electric vampsetscope:eqversion:2.2.136

Trust: 0.6

vendor:schneider electricmodel:vampsetscope:eqversion:2.2.185

Trust: 0.6

vendor:vampsetmodel: - scope:eqversion:*

Trust: 0.4

vendor:schneider electricmodel:vampsetscope:eqversion:2.2.145

Trust: 0.3

vendor:schneider electricmodel:vampsetscope:eqversion:2.2.136

Trust: 0.3

vendor:schneider electricmodel:vampsetscope:neversion:2.2.189

Trust: 0.3

sources: IVD: 89ad9c93-eb8e-463a-8758-eb5258ca9069 // IVD: 753ccabe-b440-4a3a-a6ad-9bb292467d05 // CNVD: CNVD-2017-06423 // CNVD: CNVD-2017-05641 // BID: 97124 // JVNDB: JVNDB-2017-003998 // CNNVD: CNNVD-201704-901 // NVD: CVE-2017-7967

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-7967
value: MEDIUM

Trust: 1.0

NVD: CVE-2017-7967
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2017-06423
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2017-05641
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201704-901
value: LOW

Trust: 0.6

IVD: 89ad9c93-eb8e-463a-8758-eb5258ca9069
value: LOW

Trust: 0.2

IVD: 753ccabe-b440-4a3a-a6ad-9bb292467d05
value: LOW

Trust: 0.2

VULHUB: VHN-116170
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2017-7967
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-06423
severity: MEDIUM
baseScore: 5.7
vectorString: AV:L/AC:L/AU:S/C:P/I:P/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: COMPLETE
exploitabilityScore: 3.1
impactScore: 8.5
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

CNVD: CNVD-2017-05641
severity: MEDIUM
baseScore: 4.4
vectorString: AV:L/AC:M/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.4
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 89ad9c93-eb8e-463a-8758-eb5258ca9069
severity: MEDIUM
baseScore: 5.7
vectorString: AV:L/AC:L/AU:S/C:P/I:P/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: COMPLETE
exploitabilityScore: 3.1
impactScore: 8.5
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 753ccabe-b440-4a3a-a6ad-9bb292467d05
severity: MEDIUM
baseScore: 4.4
vectorString: AV:L/AC:M/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.4
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-116170
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-7967
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: IVD: 89ad9c93-eb8e-463a-8758-eb5258ca9069 // IVD: 753ccabe-b440-4a3a-a6ad-9bb292467d05 // CNVD: CNVD-2017-06423 // CNVD: CNVD-2017-05641 // VULHUB: VHN-116170 // JVNDB: JVNDB-2017-003998 // CNNVD: CNNVD-201704-901 // NVD: CVE-2017-7967

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-116170 // JVNDB: JVNDB-2017-003998 // NVD: CVE-2017-7967

THREAT TYPE

local

Trust: 0.9

sources: BID: 97124 // CNNVD: CNNVD-201704-901

TYPE

Buffer overflow

Trust: 1.0

sources: IVD: 89ad9c93-eb8e-463a-8758-eb5258ca9069 // IVD: 753ccabe-b440-4a3a-a6ad-9bb292467d05 // CNNVD: CNNVD-201704-901

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-003998

PATCH
title:SEVD-2017-061-01url:http://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Id=7289882651&p_File_Name=SEVD-2017-061-01+VAMPSET.pdf&p_Reference=SEVD-2017-061-01
Trust: 0.8
title:Schneider Electric VAMPSET Memory Corruption Vulnerability Patchurl:https://www.cnvd.org.cn/patchInfo/show/93552
Trust: 0.6
title:Schneider Electric VAMPSET Patch for Local Memory Corruption Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/92942
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2017-06423 // 
            
            
            
            CNVD: CNVD-2017-05641 // 
            
            
            
            JVNDB: JVNDB-2017-003998

EXTERNAL IDS
db:NVDid:CVE-2017-7967
Trust: 3.8
db:SCHNEIDERid:SEVD-2017-061-01
Trust: 2.6
db:BIDid:97124
Trust: 2.0
db:CNNVDid:CNNVD-201704-901
Trust: 1.1
db:CNVDid:CNVD-2017-06423
Trust: 0.8
db:CNVDid:CNVD-2017-05641
Trust: 0.8
db:JVNDBid:JVNDB-2017-003998
Trust: 0.8
db:ICS CERTid:ICSA-17-136-04
Trust: 0.3
db:IVDid:89AD9C93-EB8E-463A-8758-EB5258CA9069
Trust: 0.2
db:IVDid:753CCABE-B440-4A3A-A6AD-9BB292467D05
Trust: 0.2
db:VULHUBid:VHN-116170
Trust: 0.1
sources:
            
            
            IVD: 89ad9c93-eb8e-463a-8758-eb5258ca9069 // 
            
            
            
            IVD: 753ccabe-b440-4a3a-a6ad-9bb292467d05 // 
            
            
            
            CNVD: CNVD-2017-06423 // 
            
            
            
            CNVD: CNVD-2017-05641 // 
            
            
            
            VULHUB: VHN-116170 // 
            
            
            
            BID: 97124 // 
            
            
            
            JVNDB: JVNDB-2017-003998 // 
            
            
            
            CNNVD: CNNVD-201704-901 // 
            
            
            
            NVD: CVE-2017-7967

REFERENCES
url:http://www.schneider-electric.com/en/download/document/sevd-2017-061-01/
Trust: 2.6
url:http://www.securityfocus.com/bid/97124
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7967
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-7967
Trust: 0.8
url:http://www.securityfocus.com/bid/97124/info
Trust: 0.6
url:http://www.schneider-electric.com/products/ww/en/
Trust: 0.3
url:https://ics-cert.us-cert.gov/advisories/icsa-17-136-04
Trust: 0.3
url:http://download.schneider-electric.com/files?p_endoctype=technical+leaflet&p_file_id=6595887732&p_file_name=sevd-2017-061-01+vampset.pdf&p_reference=sevd-2017-061-01
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2017-06423 // 
            
            
            
            CNVD: CNVD-2017-05641 // 
            
            
            
            VULHUB: VHN-116170 // 
            
            
            
            BID: 97124 // 
            
            
            
            JVNDB: JVNDB-2017-003998 // 
            
            
            
            CNNVD: CNNVD-201704-901 // 
            
            
            
            NVD: CVE-2017-7967

CREDITS
Kushal Arvind Shah from Fortinet's Fortiguard Labs.
Trust: 0.3
sources:
            
            
            BID: 97124

SOURCES
db:IVDid:89ad9c93-eb8e-463a-8758-eb5258ca9069
db:IVDid:753ccabe-b440-4a3a-a6ad-9bb292467d05
db:CNVDid:CNVD-2017-06423
db:CNVDid:CNVD-2017-05641
db:VULHUBid:VHN-116170
db:BIDid:97124
db:JVNDBid:JVNDB-2017-003998
db:CNNVDid:CNNVD-201704-901
db:NVDid:CVE-2017-7967

LAST UPDATE DATE
2025-04-20T23:43:04.515000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2017-06423date:2017-05-14T00:00:00
db:CNVDid:CNVD-2017-05641date:2017-04-29T00:00:00
db:VULHUBid:VHN-116170date:2017-05-23T00:00:00
db:BIDid:97124date:2017-05-23T16:26:00
db:JVNDBid:JVNDB-2017-003998date:2017-06-13T00:00:00
db:CNNVDid:CNNVD-201704-901date:2017-05-10T00:00:00
db:NVDid:CVE-2017-7967date:2025-04-20T01:37:25.860

SOURCES RELEASE DATE
db:IVDid:89ad9c93-eb8e-463a-8758-eb5258ca9069date:2017-05-13T00:00:00
db:IVDid:753ccabe-b440-4a3a-a6ad-9bb292467d05date:2017-04-29T00:00:00
db:CNVDid:CNVD-2017-06423date:2017-05-13T00:00:00
db:CNVDid:CNVD-2017-05641date:2017-04-21T00:00:00
db:VULHUBid:VHN-116170date:2017-05-09T00:00:00
db:BIDid:97124date:2017-03-02T00:00:00
db:JVNDBid:JVNDB-2017-003998date:2017-06-13T00:00:00
db:CNNVDid:CNNVD-201704-901date:2017-04-20T00:00:00
db:NVDid:CVE-2017-7967date:2017-05-09T17:29:00.213