Details of VAR-201801-0231

ID

VAR-201801-0231

CVE

CVE-2017-5170

TITLE

Moxa SoftNVR-IA Live Viewer DLL Local arbitrary code execution vulnerability

Trust: 0.8

sources: IVD: e8dcbe09-d0e9-4f30-b6ea-6cec10c880c9 // CNVD: CNVD-2017-22842

DESCRIPTION

An Uncontrolled Search Path Element issue was discovered in Moxa SoftNVR-IA Live Viewer, Version 3.30.3122 and prior versions. An uncontrolled search path element (DLL Hijacking) vulnerability has been identified. To exploit this vulnerability, an attacker could rename a malicious DLL to meet the criteria of the application, and the application would not verify that the DLL is correct. The attacker needs to have administrative access to the default install location in order to plant the insecure DLL. Once loaded by the application, the DLL could run malicious code at the privilege level of the application. Moxa SoftNVR-IA Live Viewer is a video surveillance software developed by Moxa for industrial automation systems. A DLL native arbitrary code execution vulnerability exists in Moxa SoftNVR-IA Live Viewer 3.30.3122 and earlier. This vulnerability stems from a program failing to properly filter user-submitted input

Trust: 2.7

sources: NVD: CVE-2017-5170 // JVNDB: JVNDB-2017-012159 // CNVD: CNVD-2017-22842 // BID: 100208 // IVD: e8dcbe09-d0e9-4f30-b6ea-6cec10c880c9 // VULHUB: VHN-113373

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: e8dcbe09-d0e9-4f30-b6ea-6cec10c880c9 // CNVD: CNVD-2017-22842

AFFECTED PRODUCTS

vendor:	moxa	model:	softnvr-ia live view	scope:	lte	version:	3.3	Trust: 1.0
vendor:	moxa	model:	softnvr-ia	scope:	lte	version:	3.30.3122	Trust: 0.8
vendor:	moxa	model:	softnvr-ia live viewer	scope:	lte	version:	<=3.30.3122	Trust: 0.6
vendor:	moxa	model:	softnvr-ia live view	scope:	eq	version:	3.3	Trust: 0.6
vendor:	moxa	model:	softnvr-ia live viewer	scope:	eq	version:	3.30.3122	Trust: 0.3
vendor:	moxa	model:	softnvr-ia live viewer	scope:	ne	version:	3.4	Trust: 0.3
vendor:	softnvr ia live view	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: e8dcbe09-d0e9-4f30-b6ea-6cec10c880c9 // CNVD: CNVD-2017-22842 // BID: 100208 // JVNDB: JVNDB-2017-012159 // CNNVD: CNNVD-201708-649 // NVD: CVE-2017-5170

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-5170
value:	HIGH
Trust: 1.0
NVD:	CVE-2017-5170
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2017-22842
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201708-649
value:	HIGH
Trust: 0.6
IVD:	e8dcbe09-d0e9-4f30-b6ea-6cec10c880c9
value:	HIGH
Trust: 0.2
VULHUB:	VHN-113373
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2017-5170
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2017-22842
severity:	MEDIUM
baseScore:	6.2
vectorString:	AV:L/AC:H/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	1.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	e8dcbe09-d0e9-4f30-b6ea-6cec10c880c9
severity:	MEDIUM
baseScore:	6.2
vectorString:	AV:L/AC:H/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	1.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-113373
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-5170
baseSeverity:	HIGH
baseScore:	7.2
vectorString:	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.2
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: IVD: e8dcbe09-d0e9-4f30-b6ea-6cec10c880c9 // CNVD: CNVD-2017-22842 // VULHUB: VHN-113373 // JVNDB: JVNDB-2017-012159 // CNNVD: CNNVD-201708-649 // NVD: CVE-2017-5170

PROBLEMTYPE DATA

problemtype:

CWE-427

Trust: 1.9

sources: VULHUB: VHN-113373 // JVNDB: JVNDB-2017-012159 // NVD: CVE-2017-5170

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201708-649

TYPE

Code problem

Trust: 0.8

sources: IVD: e8dcbe09-d0e9-4f30-b6ea-6cec10c880c9 // CNNVD: CNNVD-201708-649

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-012159

PATCH

title:	SoftNVR-IA	url:	https://www.moxa.com/product/SoftNVR-IA.htm	Trust: 0.8
title:	Moxa SoftNVR-IA Live Viewer DLL patch for local arbitrary code execution vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/100833	Trust: 0.6
title:	Moxa SoftNVR-IA Live Viewer Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74023	Trust: 0.6

sources: CNVD: CNVD-2017-22842 // JVNDB: JVNDB-2017-012159 // CNNVD: CNNVD-201708-649

EXTERNAL IDS

db:	NVD	id:	CVE-2017-5170	Trust: 3.6
db:	ICS CERT	id:	ICSA-17-220-02	Trust: 3.4
db:	BID	id:	100208	Trust: 2.0
db:	CNNVD	id:	CNNVD-201708-649	Trust: 0.9
db:	CNVD	id:	CNVD-2017-22842	Trust: 0.8
db:	JVNDB	id:	JVNDB-2017-012159	Trust: 0.8
db:	IVD	id:	E8DCBE09-D0E9-4F30-B6EA-6CEC10C880C9	Trust: 0.2
db:	VULHUB	id:	VHN-113373	Trust: 0.1

sources: IVD: e8dcbe09-d0e9-4f30-b6ea-6cec10c880c9 // CNVD: CNVD-2017-22842 // VULHUB: VHN-113373 // BID: 100208 // JVNDB: JVNDB-2017-012159 // CNNVD: CNNVD-201708-649 // NVD: CVE-2017-5170

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-17-220-02	Trust: 3.4
url:	http://www.securityfocus.com/bid/100208	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5170	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-5170	Trust: 0.8
url:	http://www.moxa.com/	Trust: 0.3

sources: CNVD: CNVD-2017-22842 // VULHUB: VHN-113373 // BID: 100208 // JVNDB: JVNDB-2017-012159 // CNNVD: CNNVD-201708-649 // NVD: CVE-2017-5170

CREDITS

Karn Ganeshen

Trust: 0.9

sources: BID: 100208 // CNNVD: CNNVD-201708-649

SOURCES

db:	IVD	id:	e8dcbe09-d0e9-4f30-b6ea-6cec10c880c9
db:	CNVD	id:	CNVD-2017-22842
db:	VULHUB	id:	VHN-113373
db:	BID	id:	100208
db:	JVNDB	id:	JVNDB-2017-012159
db:	CNNVD	id:	CNNVD-201708-649
db:	NVD	id:	CVE-2017-5170

LAST UPDATE DATE

2024-11-23T22:56:01.874000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-22842	date:	2017-08-25T00:00:00
db:	VULHUB	id:	VHN-113373	date:	2019-10-09T00:00:00
db:	BID	id:	100208	date:	2017-08-08T00:00:00
db:	JVNDB	id:	JVNDB-2017-012159	date:	2018-02-22T00:00:00
db:	CNNVD	id:	CNNVD-201708-649	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2017-5170	date:	2024-11-21T03:27:11.783

SOURCES RELEASE DATE

db:	IVD	id:	e8dcbe09-d0e9-4f30-b6ea-6cec10c880c9	date:	2017-08-25T00:00:00
db:	CNVD	id:	CNVD-2017-22842	date:	2017-08-25T00:00:00
db:	VULHUB	id:	VHN-113373	date:	2018-01-18T00:00:00
db:	BID	id:	100208	date:	2017-08-08T00:00:00
db:	JVNDB	id:	JVNDB-2017-012159	date:	2018-02-22T00:00:00
db:	CNNVD	id:	CNNVD-201708-649	date:	2017-08-16T00:00:00
db:	NVD	id:	CVE-2017-5170	date:	2018-01-18T19:29:00.283