Details of VAR-201712-0116

ID

VAR-201712-0116

CVE

CVE-2017-16717

TITLE

WECON LeviStudio HMI Buffer error vulnerability

Trust: 1.4

sources: JVNDB: JVNDB-2017-011779 // CNNVD: CNNVD-201712-742

DESCRIPTION

A Heap-based Buffer Overflow issue was discovered in WECON LeviStudio HMI. The heap-based buffer overflow vulnerability has been identified, which may allow remote code execution. WECON LeviStudio HMI Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists in the handling of LeviStudio Project files. When parsing the Driver field, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process. WECON LeviStudio is an HMI programming software. Wecon LEVI Studio HMI is prone to heap-based buffer-overflow vulnerability. Failed exploit attempts will likely cause denial-of-service conditions

Trust: 3.24

sources: NVD: CVE-2017-16717 // JVNDB: JVNDB-2017-011779 // ZDI: ZDI-17-1001 // CNVD: CNVD-2017-37689 // BID: 102230 // IVD: e2dff630-39ab-11e9-80c8-000c29342cb1

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: e2dff630-39ab-11e9-80c8-000c29342cb1 // CNVD: CNVD-2017-37689

AFFECTED PRODUCTS

vendor:	we con	model:	levi studio hmi	scope:	eq	version:	-	Trust: 1.6
vendor:	wecon	model:	levistudio	scope:	-	version:	-	Trust: 1.5
vendor:	wecon	model:	levistudio hmi	scope:	-	version:	-	Trust: 0.6
vendor:	wecon	model:	levi studio hmi editor	scope:	eq	version:	0	Trust: 0.3
vendor:	levi studio hmi	model:	-	scope:	eq	version:	-	Trust: 0.2

sources: IVD: e2dff630-39ab-11e9-80c8-000c29342cb1 // ZDI: ZDI-17-1001 // CNVD: CNVD-2017-37689 // BID: 102230 // JVNDB: JVNDB-2017-011779 // CNNVD: CNNVD-201712-742 // NVD: CVE-2017-16717

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-16717
value:	HIGH
Trust: 1.0
NVD:	CVE-2017-16717
value:	HIGH
Trust: 0.8
ZDI:	CVE-2017-16717
value:	MEDIUM
Trust: 0.7
CNVD:	CNVD-2017-37689
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201712-742
value:	HIGH
Trust: 0.6
IVD:	e2dff630-39ab-11e9-80c8-000c29342cb1
value:	HIGH
Trust: 0.2

nvd@nist.gov:	CVE-2017-16717
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	8.5
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
ZDI:	CVE-2017-16717
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.7
CNVD:	CNVD-2017-37689
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	e2dff630-39ab-11e9-80c8-000c29342cb1
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

nvd@nist.gov:	CVE-2017-16717
baseSeverity:	HIGH
baseScore:	8.6
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	4.7
version:	3.0
Trust: 1.8

sources: IVD: e2dff630-39ab-11e9-80c8-000c29342cb1 // ZDI: ZDI-17-1001 // CNVD: CNVD-2017-37689 // JVNDB: JVNDB-2017-011779 // CNNVD: CNNVD-201712-742 // NVD: CVE-2017-16717

PROBLEMTYPE DATA

problemtype:	CWE-119	Trust: 1.8
problemtype:	CWE-122	Trust: 1.0

sources: JVNDB: JVNDB-2017-011779 // NVD: CVE-2017-16717

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201712-742

TYPE

Buffer error

Trust: 0.8

sources: IVD: e2dff630-39ab-11e9-80c8-000c29342cb1 // CNNVD: CNNVD-201712-742

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-011779

PATCH

title:	Top Page	url:	http://www.we-con.com.cn/en/index.aspx	Trust: 0.8
title:	Wecon has issued an update to correct this vulnerability.	url:	https://ics-cert.us-cert.gov/advisories/ICSA-17-353-05	Trust: 0.7
title:	WECON LeviStudio patch for HMI heap buffer overflow vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/111281	Trust: 0.6
title:	WECON LeviStudio HMI Buffer error vulnerability fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=77234	Trust: 0.6

sources: ZDI: ZDI-17-1001 // CNVD: CNVD-2017-37689 // JVNDB: JVNDB-2017-011779 // CNNVD: CNNVD-201712-742

EXTERNAL IDS

db:	NVD	id:	CVE-2017-16717	Trust: 4.2
db:	ICS CERT	id:	ICSA-17-353-05	Trust: 3.3
db:	CNVD	id:	CNVD-2017-37689	Trust: 0.8
db:	CNNVD	id:	CNNVD-201712-742	Trust: 0.8
db:	JVNDB	id:	JVNDB-2017-011779	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-5085	Trust: 0.7
db:	ZDI	id:	ZDI-17-1001	Trust: 0.7
db:	BID	id:	102230	Trust: 0.3
db:	IVD	id:	E2DFF630-39AB-11E9-80C8-000C29342CB1	Trust: 0.2

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-17-353-05	Trust: 4.0
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-16717	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-16717	Trust: 0.8
url:	http://www.we-con.com.cn/en/	Trust: 0.3

sources: ZDI: ZDI-17-1001 // CNVD: CNVD-2017-37689 // BID: 102230 // JVNDB: JVNDB-2017-011779 // CNNVD: CNNVD-201712-742 // NVD: CVE-2017-16717

CREDITS

Michael DePlante

Trust: 1.0

sources: ZDI: ZDI-17-1001 // BID: 102230

SOURCES

db:	IVD	id:	e2dff630-39ab-11e9-80c8-000c29342cb1
db:	ZDI	id:	ZDI-17-1001
db:	CNVD	id:	CNVD-2017-37689
db:	BID	id:	102230
db:	JVNDB	id:	JVNDB-2017-011779
db:	CNNVD	id:	CNNVD-201712-742
db:	NVD	id:	CVE-2017-16717

LAST UPDATE DATE

2025-04-20T23:22:04.036000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-17-1001	date:	2017-12-20T00:00:00
db:	CNVD	id:	CNVD-2017-37689	date:	2017-12-21T00:00:00
db:	BID	id:	102230	date:	2017-12-19T00:00:00
db:	JVNDB	id:	JVNDB-2017-011779	date:	2018-01-26T00:00:00
db:	CNNVD	id:	CNNVD-201712-742	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2017-16717	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	IVD	id:	e2dff630-39ab-11e9-80c8-000c29342cb1	date:	2017-12-21T00:00:00
db:	ZDI	id:	ZDI-17-1001	date:	2017-12-20T00:00:00
db:	CNVD	id:	CNVD-2017-37689	date:	2017-12-21T00:00:00
db:	BID	id:	102230	date:	2017-12-19T00:00:00
db:	JVNDB	id:	JVNDB-2017-011779	date:	2018-01-26T00:00:00
db:	CNNVD	id:	CNNVD-201712-742	date:	2017-12-21T00:00:00
db:	NVD	id:	CVE-2017-16717	date:	2017-12-20T19:29:00.207