Details of VAR-201804-0784

ID

VAR-201804-0784

CVE

CVE-2017-9638

TITLE

Mitsubishi Electric Europe B.V. E-Designer Buffer Overflow Vulnerability

Trust: 0.8

sources: IVD: ba5b1d78-480a-4bc9-a667-e19335367d20 // CNVD: CNVD-2017-22835

DESCRIPTION

Mitsubishi E-Designer, Version 7.52 Build 344 contains six code sections which may be exploited to overwrite the stack. This can result in arbitrary code execution, compromised data integrity, denial of service, and system crash. Mitsubishi E-Designer Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mitsubishi Electric E-Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within processing of SetupAlarm sections of a mpa (project specification) file. When parsing the property Font, the process fails to properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute arbitrary code in the context of the Administrator. E-Designer is an E-series programming software from Mitsubishi Electric Europe B.V. Mitsubishi E-Designer is prone to the following vulnerabilities: 1. Multiple stack-based overflow vulnerabilities. 2. Multiple heap-based overflow vulnerabilities. 3. Multiple denial-of-service overflow vulnerabilities. Failed exploit attempts will result in denial-of-service conditions

Trust: 6.48

sources: NVD: CVE-2017-9638 // JVNDB: JVNDB-2017-013251 // ZDI: ZDI-17-508 // ZDI: ZDI-17-509 // ZDI: ZDI-17-516 // ZDI: ZDI-17-514 // ZDI: ZDI-17-513 // ZDI: ZDI-17-515 // CNVD: CNVD-2017-22835 // BID: 100097 // IVD: ba5b1d78-480a-4bc9-a667-e19335367d20 // VULMON: CVE-2017-9638

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: ba5b1d78-480a-4bc9-a667-e19335367d20 // CNVD: CNVD-2017-22835

AFFECTED PRODUCTS

vendor:	mitsubishi electric	model:	e-designer	scope:	-	version:	-	Trust: 4.2
vendor:	mitsubishielectric	model:	e-designer	scope:	eq	version:	7.52	Trust: 1.6
vendor:	mitsubishi electric	model:	e-designer	scope:	eq	version:	7.52 build 344	Trust: 0.8
vendor:	mitsubishi	model:	electric europe b.v. e-designer build	scope:	eq	version:	7.52344	Trust: 0.6
vendor:	mitsubishi	model:	electric e-designer build	scope:	eq	version:	7.52344	Trust: 0.3
vendor:	e designer	model:	-	scope:	eq	version:	7.52	Trust: 0.2

sources: IVD: ba5b1d78-480a-4bc9-a667-e19335367d20 // ZDI: ZDI-17-508 // ZDI: ZDI-17-509 // ZDI: ZDI-17-516 // ZDI: ZDI-17-514 // ZDI: ZDI-17-513 // ZDI: ZDI-17-515 // CNVD: CNVD-2017-22835 // BID: 100097 // JVNDB: JVNDB-2017-013251 // CNNVD: CNNVD-201706-865 // NVD: CVE-2017-9638

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI:	CVE-2017-9638
value:	HIGH
Trust: 4.2
nvd@nist.gov:	CVE-2017-9638
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2017-9638
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2017-22835
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201706-865
value:	CRITICAL
Trust: 0.6
IVD:	ba5b1d78-480a-4bc9-a667-e19335367d20
value:	CRITICAL
Trust: 0.2
VULMON:	CVE-2017-9638
value:	HIGH
Trust: 0.1

ZDI:	CVE-2017-9638
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 4.2
nvd@nist.gov:	CVE-2017-9638
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2017-22835
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	ba5b1d78-480a-4bc9-a667-e19335367d20
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

nvd@nist.gov:	CVE-2017-9638
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: IVD: ba5b1d78-480a-4bc9-a667-e19335367d20 // ZDI: ZDI-17-508 // ZDI: ZDI-17-509 // ZDI: ZDI-17-516 // ZDI: ZDI-17-514 // ZDI: ZDI-17-513 // ZDI: ZDI-17-515 // CNVD: CNVD-2017-22835 // VULMON: CVE-2017-9638 // JVNDB: JVNDB-2017-013251 // CNNVD: CNNVD-201706-865 // NVD: CVE-2017-9638

PROBLEMTYPE DATA

problemtype:	CWE-119	Trust: 1.8
problemtype:	CWE-121	Trust: 1.0

sources: JVNDB: JVNDB-2017-013251 // NVD: CVE-2017-9638

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201706-865

TYPE

Buffer error

Trust: 0.8

sources: IVD: ba5b1d78-480a-4bc9-a667-e19335367d20 // CNNVD: CNNVD-201706-865

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-013251

PATCH

title:	Mitsubishi Electric has issued an update to correct this vulnerability.	url:	https://ics-cert.us-cert.gov/advisories/ICSA-17-213-01	Trust: 4.2
title:	Top Page	url:	http://www.mitsubishielectric.co.jp/fa/	Trust: 0.8
title:	Patch for Mitsubishi Electric Europe B.V. E-Designer Buffer Overflow Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/100854	Trust: 0.6

EXTERNAL IDS

db:	NVD	id:	CVE-2017-9638	Trust: 7.8
db:	ICS CERT	id:	ICSA-17-213-01	Trust: 3.4
db:	BID	id:	100097	Trust: 2.0
db:	CNVD	id:	CNVD-2017-22835	Trust: 0.8
db:	CNNVD	id:	CNNVD-201706-865	Trust: 0.8
db:	JVNDB	id:	JVNDB-2017-013251	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-3803	Trust: 0.7
db:	ZDI	id:	ZDI-17-508	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-3808	Trust: 0.7
db:	ZDI	id:	ZDI-17-509	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-3796	Trust: 0.7
db:	ZDI	id:	ZDI-17-516	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-3798	Trust: 0.7
db:	ZDI	id:	ZDI-17-514	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-3799	Trust: 0.7
db:	ZDI	id:	ZDI-17-513	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-3797	Trust: 0.7
db:	ZDI	id:	ZDI-17-515	Trust: 0.7
db:	IVD	id:	BA5B1D78-480A-4BC9-A667-E19335367D20	Trust: 0.2
db:	VULMON	id:	CVE-2017-9638	Trust: 0.1

sources: IVD: ba5b1d78-480a-4bc9-a667-e19335367d20 // ZDI: ZDI-17-508 // ZDI: ZDI-17-509 // ZDI: ZDI-17-516 // ZDI: ZDI-17-514 // ZDI: ZDI-17-513 // ZDI: ZDI-17-515 // CNVD: CNVD-2017-22835 // VULMON: CVE-2017-9638 // BID: 100097 // JVNDB: JVNDB-2017-013251 // CNNVD: CNNVD-201706-865 // NVD: CVE-2017-9638

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-17-213-01	Trust: 7.6
url:	http://www.securityfocus.com/bid/100097	Trust: 1.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9638	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-9638	Trust: 0.8
url:	http://www.mrslim.com/home.asp	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/119.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: ZDI: ZDI-17-508 // ZDI: ZDI-17-509 // ZDI: ZDI-17-516 // ZDI: ZDI-17-514 // ZDI: ZDI-17-513 // ZDI: ZDI-17-515 // CNVD: CNVD-2017-22835 // VULMON: CVE-2017-9638 // BID: 100097 // JVNDB: JVNDB-2017-013251 // CNNVD: CNNVD-201706-865 // NVD: CVE-2017-9638

CREDITS

rgod

Trust: 4.2

sources: ZDI: ZDI-17-508 // ZDI: ZDI-17-509 // ZDI: ZDI-17-516 // ZDI: ZDI-17-514 // ZDI: ZDI-17-513 // ZDI: ZDI-17-515

SOURCES

db:	IVD	id:	ba5b1d78-480a-4bc9-a667-e19335367d20
db:	ZDI	id:	ZDI-17-508
db:	ZDI	id:	ZDI-17-509
db:	ZDI	id:	ZDI-17-516
db:	ZDI	id:	ZDI-17-514
db:	ZDI	id:	ZDI-17-513
db:	ZDI	id:	ZDI-17-515
db:	CNVD	id:	CNVD-2017-22835
db:	VULMON	id:	CVE-2017-9638
db:	BID	id:	100097
db:	JVNDB	id:	JVNDB-2017-013251
db:	CNNVD	id:	CNNVD-201706-865
db:	NVD	id:	CVE-2017-9638

LAST UPDATE DATE

2024-11-23T22:00:36.899000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-17-508	date:	2017-08-01T00:00:00
db:	ZDI	id:	ZDI-17-509	date:	2017-08-01T00:00:00
db:	ZDI	id:	ZDI-17-516	date:	2017-08-01T00:00:00
db:	ZDI	id:	ZDI-17-514	date:	2017-08-01T00:00:00
db:	ZDI	id:	ZDI-17-513	date:	2017-08-01T00:00:00
db:	ZDI	id:	ZDI-17-515	date:	2017-08-01T00:00:00
db:	CNVD	id:	CNVD-2017-22835	date:	2017-08-25T00:00:00
db:	VULMON	id:	CVE-2017-9638	date:	2019-10-09T00:00:00
db:	BID	id:	100097	date:	2017-08-01T00:00:00
db:	JVNDB	id:	JVNDB-2017-013251	date:	2018-06-12T00:00:00
db:	CNNVD	id:	CNNVD-201706-865	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2017-9638	date:	2024-11-21T03:36:34.040

SOURCES RELEASE DATE

db:	IVD	id:	ba5b1d78-480a-4bc9-a667-e19335367d20	date:	2017-08-25T00:00:00
db:	ZDI	id:	ZDI-17-508	date:	2017-08-01T00:00:00
db:	ZDI	id:	ZDI-17-509	date:	2017-08-01T00:00:00
db:	ZDI	id:	ZDI-17-516	date:	2017-08-01T00:00:00
db:	ZDI	id:	ZDI-17-514	date:	2017-08-01T00:00:00
db:	ZDI	id:	ZDI-17-513	date:	2017-08-01T00:00:00
db:	ZDI	id:	ZDI-17-515	date:	2017-08-01T00:00:00
db:	CNVD	id:	CNVD-2017-22835	date:	2017-08-25T00:00:00
db:	VULMON	id:	CVE-2017-9638	date:	2018-04-17T00:00:00
db:	BID	id:	100097	date:	2017-08-01T00:00:00
db:	JVNDB	id:	JVNDB-2017-013251	date:	2018-06-12T00:00:00
db:	CNNVD	id:	CNNVD-201706-865	date:	2017-06-21T00:00:00
db:	NVD	id:	CVE-2017-9638	date:	2018-04-17T14:29:00.463