Details of VAR-201804-1573

ID

VAR-201804-1573

CVE

CVE-2018-8840

TITLE

InduSoft Web Studio and InTouch Machine Edition 2017 Buffer error vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-004280

DESCRIPTION

A remote attacker could send a carefully crafted packet in InduSoft Web Studio v8.1 and prior versions, and/or InTouch Machine Edition 2017 v8.1 and prior versions during a tag, alarm, or event related action such as read and write, which may allow remote code execution. InduSoft Web Studio and InTouch Machine Edition 2017 Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Schneider Electric InduSoft Web Studio and InTouch Machine Edition are embedded HMI software packages from Schneider Electric, France. The product provides read, write tag and event monitoring for HMI clients. Multiple Schneider Electric Products are prone to a stack-based buffer-overflow vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of the affected device. Failed exploit attempts will likely cause a denial-of-service condition

Trust: 2.7

sources: NVD: CVE-2018-8840 // JVNDB: JVNDB-2018-004280 // CNVD: CNVD-2018-08447 // BID: 103949 // IVD: e2ed3ca0-39ab-11e9-a805-000c29342cb1 // VULMON: CVE-2018-8840

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: e2ed3ca0-39ab-11e9-a805-000c29342cb1 // CNVD: CNVD-2018-08447

AFFECTED PRODUCTS

vendor:	indusoft	model:	web studio	scope:	lte	version:	8.1	Trust: 1.0
vendor:	industrial	model:	intouch machine edition 2017	scope:	lte	version:	8.1	Trust: 1.0
vendor:	schneider electric	model:	intouch machine	scope:	lte	version:	edition 2017 8.1	Trust: 0.8
vendor:	schneider electric	model:	wonderware indusoft web studio	scope:	lte	version:	8.1	Trust: 0.8
vendor:	schneider	model:	electric indusoft web studio	scope:	lte	version:	<=8.1	Trust: 0.6
vendor:	schneider	model:	electric intouch machine edition	scope:	lte	version:	<=20178.1	Trust: 0.6
vendor:	industrial	model:	intouch machine edition 2017	scope:	eq	version:	8.1	Trust: 0.6
vendor:	schneider electric	model:	intouch machine edition	scope:	eq	version:	20178.1	Trust: 0.3
vendor:	schneider electric	model:	indusoft web studio	scope:	eq	version:	8.1	Trust: 0.3
vendor:	schneider electric	model:	indusoft web studio sp2 patch	scope:	eq	version:	8.01	Trust: 0.3
vendor:	schneider electric	model:	indusoft web studio sp2	scope:	eq	version:	8.0	Trust: 0.3
vendor:	schneider electric	model:	indusoft web studio patch	scope:	eq	version:	7.1.3.55	Trust: 0.3
vendor:	schneider electric	model:	indusoft web studio sp patch	scope:	eq	version:	7.1.3.434	Trust: 0.3
vendor:	schneider electric	model:	indusoft web studio	scope:	eq	version:	7.1.3.4	Trust: 0.3
vendor:	schneider electric	model:	indusoft web studio	scope:	eq	version:	7.1.3.2	Trust: 0.3
vendor:	schneider electric	model:	intouch machine edition sp1	scope:	ne	version:	20178.1	Trust: 0.3
vendor:	schneider electric	model:	indusoft web studio sp1	scope:	ne	version:	8.1	Trust: 0.3
vendor:	web studio	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	intouch machine edition 2017	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: e2ed3ca0-39ab-11e9-a805-000c29342cb1 // CNVD: CNVD-2018-08447 // BID: 103949 // JVNDB: JVNDB-2018-004280 // CNNVD: CNNVD-201804-821 // NVD: CVE-2018-8840

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-8840
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2018-8840
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2018-08447
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201804-821
value:	CRITICAL
Trust: 0.6
IVD:	e2ed3ca0-39ab-11e9-a805-000c29342cb1
value:	CRITICAL
Trust: 0.2
VULMON:	CVE-2018-8840
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-8840
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2018-08447
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	e2ed3ca0-39ab-11e9-a805-000c29342cb1
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

nvd@nist.gov:	CVE-2018-8840
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: IVD: e2ed3ca0-39ab-11e9-a805-000c29342cb1 // CNVD: CNVD-2018-08447 // VULMON: CVE-2018-8840 // JVNDB: JVNDB-2018-004280 // CNNVD: CNNVD-201804-821 // NVD: CVE-2018-8840

PROBLEMTYPE DATA

problemtype:	CWE-119	Trust: 1.8
problemtype:	CWE-121	Trust: 1.0

sources: JVNDB: JVNDB-2018-004280 // NVD: CVE-2018-8840

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201804-821

TYPE

Buffer error

Trust: 0.8

sources: IVD: e2ed3ca0-39ab-11e9-a805-000c29342cb1 // CNNVD: CNNVD-201804-821

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-004280

PATCH

title:	Wonderware InduSoft Web Studio	url:	http://www.indusoft.com/Marketing/Article/ArtMID/684/ArticleID/667/Introduction-to-Wonderware-InduSoft-Web-Studio	Trust: 0.8
title:	Wonderware InTouch Machine Edition	url:	https://www.wonderware.com/hmi-scada/intouch-machine-edition/?utm_source=situation-awareness.com&utm_medium=situation-awareness.com	Trust: 0.8
title:	Patch for Schneider Electric InduSoft Web Studio and InTouch Machine Editiony Buffer Overflow Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/127447	Trust: 0.6
title:	Schneider Electric InduSoft Web Studio and InTouch Machine Edition Buffer error vulnerability fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80186	Trust: 0.6
title:	Threatpost	url:	https://threatpost.com/schneider-electric-patches-critical-rce-vulnerability/131610/	Trust: 0.1

sources: CNVD: CNVD-2018-08447 // VULMON: CVE-2018-8840 // JVNDB: JVNDB-2018-004280 // CNNVD: CNNVD-201804-821

EXTERNAL IDS

db:	NVD	id:	CVE-2018-8840	Trust: 3.6
db:	ICS CERT	id:	ICSA-18-107-01	Trust: 3.4
db:	BID	id:	103949	Trust: 2.0
db:	TENABLE	id:	TRA-2018-07	Trust: 1.7
db:	CNVD	id:	CNVD-2018-08447	Trust: 0.8
db:	CNNVD	id:	CNNVD-201804-821	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-004280	Trust: 0.8
db:	IVD	id:	E2ED3CA0-39AB-11E9-A805-000C29342CB1	Trust: 0.2
db:	VULMON	id:	CVE-2018-8840	Trust: 0.1

sources: IVD: e2ed3ca0-39ab-11e9-a805-000c29342cb1 // CNVD: CNVD-2018-08447 // VULMON: CVE-2018-8840 // BID: 103949 // JVNDB: JVNDB-2018-004280 // CNNVD: CNNVD-201804-821 // NVD: CVE-2018-8840

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-18-107-01	Trust: 3.5
url:	http://www.securityfocus.com/bid/103949	Trust: 1.8
url:	http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000125/	Trust: 1.7
url:	https://www.tenable.com/security/research/tra-2018-07	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-8840	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-8840	Trust: 0.8
url:	http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true	Trust: 0.3
url:	http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000125/%20	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/119.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://threatpost.com/schneider-electric-patches-critical-rce-vulnerability/131610/	Trust: 0.1

sources: CNVD: CNVD-2018-08447 // VULMON: CVE-2018-8840 // BID: 103949 // JVNDB: JVNDB-2018-004280 // CNNVD: CNNVD-201804-821 // NVD: CVE-2018-8840

CREDITS

Tenable Research

Trust: 0.3

sources: BID: 103949

SOURCES

db:	IVD	id:	e2ed3ca0-39ab-11e9-a805-000c29342cb1
db:	CNVD	id:	CNVD-2018-08447
db:	VULMON	id:	CVE-2018-8840
db:	BID	id:	103949
db:	JVNDB	id:	JVNDB-2018-004280
db:	CNNVD	id:	CNNVD-201804-821
db:	NVD	id:	CVE-2018-8840

LAST UPDATE DATE

2024-11-23T22:30:27.419000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-08447	date:	2018-04-26T00:00:00
db:	VULMON	id:	CVE-2018-8840	date:	2019-10-09T00:00:00
db:	BID	id:	103949	date:	2018-04-17T00:00:00
db:	JVNDB	id:	JVNDB-2018-004280	date:	2018-06-15T00:00:00
db:	CNNVD	id:	CNNVD-201804-821	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-8840	date:	2024-11-21T04:14:25.670

SOURCES RELEASE DATE

db:	IVD	id:	e2ed3ca0-39ab-11e9-a805-000c29342cb1	date:	2018-04-26T00:00:00
db:	CNVD	id:	CNVD-2018-08447	date:	2018-04-26T00:00:00
db:	VULMON	id:	CVE-2018-8840	date:	2018-04-18T00:00:00
db:	BID	id:	103949	date:	2018-04-17T00:00:00
db:	JVNDB	id:	JVNDB-2018-004280	date:	2018-06-15T00:00:00
db:	CNNVD	id:	CNNVD-201804-821	date:	2018-04-18T00:00:00
db:	NVD	id:	CVE-2018-8840	date:	2018-04-18T20:29:00.920