Details of VAR-201805-0949

ID

VAR-201805-0949

CVE

CVE-2018-8872

TITLE

Schneider Electric Triconex Tricon MP model 3008 firmware Buffer error vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-004914

DESCRIPTION

In Schneider Electric Triconex Tricon MP model 3008 firmware versions 10.0-10.4, system calls read directly from memory addresses within the control program area without any verification. Manipulating this data could allow attacker data to be copied anywhere within memory. The Triconex Tricon 3008 is a network equipment product from Schneider Electric, France. Schneider Electric Triconex Tricon 3008 MP is prone to multiple memory corruption vulnerabilities. An attacker can exploit these issues to execute arbitrary code within the context of the affected device. Failed exploit attempts may result in a denial-of-service condition. Triconex Tricon 3008 MP Firmware versions 10.0 through 10.4 are vulnerable

Trust: 2.61

sources: NVD: CVE-2018-8872 // JVNDB: JVNDB-2018-004914 // CNVD: CNVD-2018-08448 // BID: 103947 // IVD: e2ed3c9f-39ab-11e9-bf8a-000c29342cb1

IOT TAXONOMY

category:	['ICS', 'Network device']	sub_category:	-	Trust: 0.6
category:	['ICS']	sub_category:	-	Trust: 0.2

sources: IVD: e2ed3c9f-39ab-11e9-bf8a-000c29342cb1 // CNVD: CNVD-2018-08448

AFFECTED PRODUCTS

vendor:	schneider electric	model:	triconex tricon mp 3008	scope:	lte	version:	10.4	Trust: 1.0
vendor:	schneider electric	model:	triconex tricon mp 3008	scope:	gte	version:	10.0	Trust: 1.0
vendor:	schneider electric	model:	triconex tricon mp 3008	scope:	eq	version:	10.0 to 10.4	Trust: 0.8
vendor:	schneider	model:	electric triconex tricon mp model	scope:	eq	version:	300810.0-10.4	Trust: 0.6
vendor:	schneider electric	model:	triconex tricon mp	scope:	eq	version:	300810.4	Trust: 0.3
vendor:	schneider electric	model:	triconex tricon mp	scope:	eq	version:	300810.0	Trust: 0.3
vendor:	schneider electric	model:	triconex tricon mp	scope:	ne	version:	300811.2	Trust: 0.3
vendor:	triconex tricon mp 3008	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: e2ed3c9f-39ab-11e9-bf8a-000c29342cb1 // CNVD: CNVD-2018-08448 // BID: 103947 // JVNDB: JVNDB-2018-004914 // NVD: CVE-2018-8872

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-8872
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-8872
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2018-08448
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201805-175
value:	HIGH
Trust: 0.6
IVD:	e2ed3c9f-39ab-11e9-bf8a-000c29342cb1
value:	HIGH
Trust: 0.2

nvd@nist.gov:	CVE-2018-8872
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-08448
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	e2ed3c9f-39ab-11e9-bf8a-000c29342cb1
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

nvd@nist.gov:	CVE-2018-8872
baseSeverity:	HIGH
baseScore:	8.1
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.2
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: IVD: e2ed3c9f-39ab-11e9-bf8a-000c29342cb1 // CNVD: CNVD-2018-08448 // JVNDB: JVNDB-2018-004914 // CNNVD: CNNVD-201805-175 // NVD: CVE-2018-8872

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.8

sources: JVNDB: JVNDB-2018-004914 // NVD: CVE-2018-8872

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201805-175

TYPE

Buffer error

Trust: 0.8

sources: IVD: e2ed3c9f-39ab-11e9-bf8a-000c29342cb1 // CNNVD: CNNVD-201805-175

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-004914

PATCH

title:	SEVD-2017-347-01	url:	https://www.schneider-electric.com/en/download/document/SEVD-2017-347-01/	Trust: 0.8
title:	SchneiderElectricTriconexTricon is not authorized to patch vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/127461	Trust: 0.6
title:	Schneider Electric Triconex Tricon MP 3008 Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79880	Trust: 0.6

sources: CNVD: CNVD-2018-08448 // JVNDB: JVNDB-2018-004914 // CNNVD: CNNVD-201805-175

EXTERNAL IDS

db:	NVD	id:	CVE-2018-8872	Trust: 3.5
db:	ICS CERT	id:	ICSA-18-107-02	Trust: 3.3
db:	BID	id:	103947	Trust: 1.9
db:	SCHNEIDER	id:	SEVD-2017-347-01	Trust: 1.6
db:	CNVD	id:	CNVD-2018-08448	Trust: 0.8
db:	CNNVD	id:	CNNVD-201805-175	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-004914	Trust: 0.8
db:	IVD	id:	E2ED3C9F-39AB-11E9-BF8A-000C29342CB1	Trust: 0.2

sources: IVD: e2ed3c9f-39ab-11e9-bf8a-000c29342cb1 // CNVD: CNVD-2018-08448 // BID: 103947 // JVNDB: JVNDB-2018-004914 // CNNVD: CNNVD-201805-175 // NVD: CVE-2018-8872

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-18-107-02	Trust: 3.3
url:	https://www.schneider-electric.com/en/download/document/sevd-2017-347-01/	Trust: 1.6
url:	http://www.securityfocus.com/bid/103947	Trust: 1.6
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-8872	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-8872	Trust: 0.8
url:	www.controlmicrosystems.com	Trust: 0.3

sources: CNVD: CNVD-2018-08448 // BID: 103947 // JVNDB: JVNDB-2018-004914 // CNNVD: CNNVD-201805-175 // NVD: CVE-2018-8872

CREDITS

NCCIC and Schneider Electric

Trust: 0.3

sources: BID: 103947

SOURCES

db:	IVD	id:	e2ed3c9f-39ab-11e9-bf8a-000c29342cb1
db:	CNVD	id:	CNVD-2018-08448
db:	BID	id:	103947
db:	JVNDB	id:	JVNDB-2018-004914
db:	CNNVD	id:	CNNVD-201805-175
db:	NVD	id:	CVE-2018-8872

LAST UPDATE DATE

2024-11-23T22:38:12.646000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-08448	date:	2018-04-26T00:00:00
db:	BID	id:	103947	date:	2018-04-17T00:00:00
db:	JVNDB	id:	JVNDB-2018-004914	date:	2018-07-04T00:00:00
db:	CNNVD	id:	CNNVD-201805-175	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-8872	date:	2024-11-21T04:14:29.880

SOURCES RELEASE DATE

db:	IVD	id:	e2ed3c9f-39ab-11e9-bf8a-000c29342cb1	date:	2018-04-26T00:00:00
db:	CNVD	id:	CNVD-2018-08448	date:	2018-04-26T00:00:00
db:	BID	id:	103947	date:	2018-04-17T00:00:00
db:	JVNDB	id:	JVNDB-2018-004914	date:	2018-06-29T00:00:00
db:	CNNVD	id:	CNNVD-201805-175	date:	2018-05-07T00:00:00
db:	NVD	id:	CVE-2018-8872	date:	2018-05-04T17:29:00.723