Details of VAR-201802-0669

ID

VAR-201802-0669

CVE

CVE-2018-1168

TITLE

ABB MicroSCADA Vulnerabilities related to authorization, permissions, and access control

Trust: 0.8

sources: JVNDB: JVNDB-2018-002469

DESCRIPTION

This vulnerability allows local attackers to escalate privileges on vulnerable installations of ABB MicroSCADA 9.3 with FP 1-2-3. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of the access controls for the installed product files. The installation procedure leaves critical files open to manipulation by any authenticated user. An attacker can leverage this vulnerability to escalate privileges to SYSTEM. Was ZDI-CAN-5097. ABB MicroSCADA Contains vulnerabilities related to authorization, permissions, and access control. Zero Day Initiative Is vulnerable to this vulnerability ZDI-CAN-5097 Was numbered.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ABB MicroSCADA is a substation monitoring software developed by ABB Switzerland for power transmission and distribution systems. The software includes Human Machine Interface (MMI) and flexible application engineering tools, and provides monitoring, event alarms, trend graph statistics and more

Trust: 3.15

sources: NVD: CVE-2018-1168 // JVNDB: JVNDB-2018-002469 // ZDI: ZDI-18-141 // CNVD: CNVD-2018-06247 // IVD: e2e96c0f-39ab-11e9-b513-000c29342cb1 // VULHUB: VHN-121563 // VULMON: CVE-2018-1168

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: e2e96c0f-39ab-11e9-b513-000c29342cb1 // CNVD: CNVD-2018-06247

AFFECTED PRODUCTS

vendor:	hitachienergy	model:	sys600	scope:	eq	version:	9.4	Trust: 1.0
vendor:	hitachienergy	model:	sys600	scope:	eq	version:	9.1.5	Trust: 1.0
vendor:	hitachienergy	model:	sys600	scope:	eq	version:	9.1	Trust: 1.0
vendor:	hitachienergy	model:	sys600	scope:	eq	version:	9.2	Trust: 1.0
vendor:	hitachienergy	model:	sys600	scope:	eq	version:	9.0	Trust: 1.0
vendor:	abb	model:	sys600	scope:	-	version:	-	Trust: 0.8
vendor:	abb	model:	microscada	scope:	-	version:	-	Trust: 0.7
vendor:	abb	model:	microscada with fp	scope:	eq	version:	9.32001/2/3	Trust: 0.6
vendor:	abb	model:	sys600	scope:	eq	version:	9.4	Trust: 0.6
vendor:	abb	model:	sys600	scope:	eq	version:	9.1.5	Trust: 0.6
vendor:	abb	model:	sys600	scope:	eq	version:	9.1	Trust: 0.6
vendor:	abb	model:	sys600	scope:	eq	version:	9.2	Trust: 0.6
vendor:	abb	model:	sys600	scope:	eq	version:	9.0	Trust: 0.6
vendor:	sys600	model:	-	scope:	eq	version:	9.0	Trust: 0.2
vendor:	sys600	model:	-	scope:	eq	version:	9.1	Trust: 0.2
vendor:	sys600	model:	-	scope:	eq	version:	9.1.5	Trust: 0.2
vendor:	sys600	model:	-	scope:	eq	version:	9.2	Trust: 0.2
vendor:	sys600	model:	-	scope:	eq	version:	9.4	Trust: 0.2

sources: IVD: e2e96c0f-39ab-11e9-b513-000c29342cb1 // ZDI: ZDI-18-141 // CNVD: CNVD-2018-06247 // JVNDB: JVNDB-2018-002469 // CNNVD: CNNVD-201802-764 // NVD: CVE-2018-1168

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-1168
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-1168
value:	HIGH
Trust: 0.8
ZDI:	CVE-2018-1168
value:	MEDIUM
Trust: 0.7
CNVD:	CNVD-2018-06247
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201802-764
value:	HIGH
Trust: 0.6
IVD:	e2e96c0f-39ab-11e9-b513-000c29342cb1
value:	HIGH
Trust: 0.2
VULHUB:	VHN-121563
value:	HIGH
Trust: 0.1
VULMON:	CVE-2018-1168
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-1168
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
ZDI:	CVE-2018-1168
severity:	MEDIUM
baseScore:	6.0
vectorString:	AV:L/AC:H/AU:S/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	HIGH
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	1.5
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.7
CNVD:	CNVD-2018-06247
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	e2e96c0f-39ab-11e9-b513-000c29342cb1
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-121563
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-1168
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: IVD: e2e96c0f-39ab-11e9-b513-000c29342cb1 // ZDI: ZDI-18-141 // CNVD: CNVD-2018-06247 // VULHUB: VHN-121563 // VULMON: CVE-2018-1168 // JVNDB: JVNDB-2018-002469 // CNNVD: CNNVD-201802-764 // NVD: CVE-2018-1168

PROBLEMTYPE DATA

problemtype:	CWE-732	Trust: 1.1
problemtype:	CWE-284	Trust: 1.0
problemtype:	CWE-264	Trust: 0.9

sources: VULHUB: VHN-121563 // JVNDB: JVNDB-2018-002469 // NVD: CVE-2018-1168

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201802-764

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-201802-764

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-002469

PATCH

title:	Top Page	url:	http://new.abb.com/	Trust: 0.8
title:	ABB has issued an update to correct this vulnerability.	url:	https://library.e.abb.com/public/7a88a74b12bb492ea138b1f2365d00f6/ABBVU-PGGA-33888_ABB_SoftwareVulnerabilityHandlingAdvisory_Rev_A.pdf?x-sign=MJfu9cHtRUUubpLAYzyWFTmW5W+mg3kZ/nm7F/Jw5HlFTQf4eNyfLAgE8HozRJEC	Trust: 0.7
title:	Patch for ABB MicroSCADA Installation Rights Boost Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/123247	Trust: 0.6
title:	ABB MicroSCADA Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=78776	Trust: 0.6
title:	-	url:	https://github.com/ExpLangcn/FuYao-Go	Trust: 0.1

sources: ZDI: ZDI-18-141 // CNVD: CNVD-2018-06247 // VULMON: CVE-2018-1168 // JVNDB: JVNDB-2018-002469 // CNNVD: CNNVD-201802-764

EXTERNAL IDS

db:	NVD	id:	CVE-2018-1168	Trust: 4.1
db:	ZDI	id:	ZDI-18-141	Trust: 3.8
db:	CNNVD	id:	CNNVD-201802-764	Trust: 0.9
db:	CNVD	id:	CNVD-2018-06247	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-002469	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-5097	Trust: 0.7
db:	IVD	id:	E2E96C0F-39AB-11E9-B513-000C29342CB1	Trust: 0.2
db:	VULHUB	id:	VHN-121563	Trust: 0.1
db:	VULMON	id:	CVE-2018-1168	Trust: 0.1

REFERENCES

url:	https://library.e.abb.com/public/7a88a74b12bb492ea138b1f2365d00f6/abbvu-pgga-33888_abb_softwarevulnerabilityhandlingadvisory_rev_a.pdf?x-sign=mjfu9chtruuubplayzywftmw5w+mg3kz/nm7f/jw5hlftqf4enyflage8hozrjec	Trust: 2.4
url:	https://zerodayinitiative.com/advisories/zdi-18-141	Trust: 2.3
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-1168	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-1168	Trust: 0.8
url:	https://www.zerodayinitiative.com/advisories/zdi-18-141/	Trust: 0.8

sources: ZDI: ZDI-18-141 // CNVD: CNVD-2018-06247 // VULHUB: VHN-121563 // JVNDB: JVNDB-2018-002469 // CNNVD: CNNVD-201802-764 // NVD: CVE-2018-1168

CREDITS

Fritz Sands - Trend Micro Zero Day Initiative

Trust: 0.7

sources: ZDI: ZDI-18-141

SOURCES

db:	IVD	id:	e2e96c0f-39ab-11e9-b513-000c29342cb1
db:	ZDI	id:	ZDI-18-141
db:	CNVD	id:	CNVD-2018-06247
db:	VULHUB	id:	VHN-121563
db:	VULMON	id:	CVE-2018-1168
db:	JVNDB	id:	JVNDB-2018-002469
db:	CNNVD	id:	CNNVD-201802-764
db:	NVD	id:	CVE-2018-1168

LAST UPDATE DATE

2024-11-23T22:34:20.523000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-18-141	date:	2018-02-07T00:00:00
db:	CNVD	id:	CNVD-2018-06247	date:	2018-03-26T00:00:00
db:	VULHUB	id:	VHN-121563	date:	2019-10-09T00:00:00
db:	VULMON	id:	CVE-2018-1168	date:	2019-10-09T00:00:00
db:	JVNDB	id:	JVNDB-2018-002469	date:	2018-04-13T00:00:00
db:	CNNVD	id:	CNNVD-201802-764	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-1168	date:	2024-11-21T03:59:19.467

SOURCES RELEASE DATE

db:	IVD	id:	e2e96c0f-39ab-11e9-b513-000c29342cb1	date:	2018-03-26T00:00:00
db:	ZDI	id:	ZDI-18-141	date:	2018-02-06T00:00:00
db:	CNVD	id:	CNVD-2018-06247	date:	2018-03-26T00:00:00
db:	VULHUB	id:	VHN-121563	date:	2018-02-21T00:00:00
db:	VULMON	id:	CVE-2018-1168	date:	2018-02-21T00:00:00
db:	JVNDB	id:	JVNDB-2018-002469	date:	2018-04-13T00:00:00
db:	CNNVD	id:	CNNVD-201802-764	date:	2018-03-08T00:00:00
db:	NVD	id:	CVE-2018-1168	date:	2018-02-21T14:29:00.580