Details of VAR-201902-0690

ID

VAR-201902-0690

CVE

CVE-2018-7817

TITLE

Schneider Electric Zelio Soft Resource Management Error Vulnerability

Trust: 1.4

sources: IVD: 2528b8cc-a329-4001-8499-1bacd3249546 // CNVD: CNVD-2019-45189 // CNNVD: CNNVD-201901-186

DESCRIPTION

A Use After Free (CWE-416) vulnerability exists in Zelio Soft 2 v5.1 and prior versions which could cause remote code execution when opening a specially crafted Zelio Soft project file. Zelio Soft 2 Contains a vulnerability in the use of freed memory.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Schneider Electric ZelioSoft 2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of ZM2 files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the Zelio2 process. Schneider Electric Zelio Soft is a set of logic controller programming software from Schneider Electric of France. Schneider Electric Zelio Soft has a resource management error vulnerability. Zelio Soft 2 Versions 5.1 and prior are vulnerable

Trust: 3.87

sources: NVD: CVE-2018-7817 // JVNDB: JVNDB-2018-014379 // ZDI: ZDI-19-004 // ZDI: ZDI-19-005 // CNVD: CNVD-2019-45189 // BID: 106481 // IVD: 2528b8cc-a329-4001-8499-1bacd3249546

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: 2528b8cc-a329-4001-8499-1bacd3249546 // CNVD: CNVD-2019-45189

AFFECTED PRODUCTS

vendor:	schneider electric	model:	zelio soft 2	scope:	lte	version:	5.1	Trust: 1.8
vendor:	schneider electric	model:	zelio soft 2	scope:	-	version:	-	Trust: 1.4
vendor:	schneider	model:	electric zelio soft	scope:	lte	version:	<=2.5.1	Trust: 0.6
vendor:	schneider electric	model:	zelio soft	scope:	eq	version:	25.1	Trust: 0.3
vendor:	schneider electric	model:	zelio soft	scope:	ne	version:	25.2	Trust: 0.3
vendor:	zelio soft 2	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: 2528b8cc-a329-4001-8499-1bacd3249546 // ZDI: ZDI-19-004 // ZDI: ZDI-19-005 // CNVD: CNVD-2019-45189 // BID: 106481 // JVNDB: JVNDB-2018-014379 // NVD: CVE-2018-7817

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI:	CVE-2018-7817
value:	HIGH
Trust: 1.4
nvd@nist.gov:	CVE-2018-7817
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-7817
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2019-45189
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201901-186
value:	HIGH
Trust: 0.6
IVD:	2528b8cc-a329-4001-8499-1bacd3249546
value:	HIGH
Trust: 0.2

nvd@nist.gov:	CVE-2018-7817
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
NVD:	CVE-2018-7817
severity:	MEDIUM
baseScore:	4.4
vectorString:	AV:L/AC:M/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2019-45189
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	2528b8cc-a329-4001-8499-1bacd3249546
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

ZDI:	CVE-2018-7817
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.4
nvd@nist.gov:	CVE-2018-7817
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.0
NVD:	CVE-2018-7817
baseSeverity:	HIGH
baseScore:	7.3
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: IVD: 2528b8cc-a329-4001-8499-1bacd3249546 // ZDI: ZDI-19-004 // ZDI: ZDI-19-005 // CNVD: CNVD-2019-45189 // JVNDB: JVNDB-2018-014379 // CNNVD: CNNVD-201901-186 // NVD: CVE-2018-7817

PROBLEMTYPE DATA

problemtype:

CWE-416

Trust: 1.8

sources: JVNDB: JVNDB-2018-014379 // NVD: CVE-2018-7817

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201901-186

TYPE

Resource management error

Trust: 0.8

sources: IVD: 2528b8cc-a329-4001-8499-1bacd3249546 // CNNVD: CNNVD-201901-186

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-014379

PATCH

title:	Schneider Electric has issued an update to correct this vulnerability.	url:	https://ics-cert.us-cert.gov/advisories/ICSA-19-008-01	Trust: 1.4
title:	SEVD-2018-361-01	url:	https://www.schneider-electric.com/en/download/document/SEVD-2018-361-01/	Trust: 0.8
title:	Patch for Schneider Electric Zelio Soft Resource Management Error Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/194029	Trust: 0.6
title:	Schneider Electric Zelio Soft Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=88389	Trust: 0.6

sources: ZDI: ZDI-19-004 // ZDI: ZDI-19-005 // CNVD: CNVD-2019-45189 // JVNDB: JVNDB-2018-014379 // CNNVD: CNNVD-201901-186

EXTERNAL IDS

db:	NVD	id:	CVE-2018-7817	Trust: 4.9
db:	ICS CERT	id:	ICSA-19-008-01	Trust: 2.7
db:	SCHNEIDER	id:	SEVD-2018-361-01	Trust: 2.5
db:	BID	id:	106481	Trust: 1.9
db:	CNVD	id:	CNVD-2019-45189	Trust: 0.8
db:	CNNVD	id:	CNNVD-201901-186	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-014379	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-7100	Trust: 0.7
db:	ZDI	id:	ZDI-19-004	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-7099	Trust: 0.7
db:	ZDI	id:	ZDI-19-005	Trust: 0.7
db:	IVD	id:	2528B8CC-A329-4001-8499-1BACD3249546	Trust: 0.2

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-19-008-01	Trust: 4.1
url:	https://www.schneider-electric.com/en/download/document/sevd-2018-361-01/	Trust: 2.5
url:	http://www.securityfocus.com/bid/106481	Trust: 2.2
url:	https://nvd.nist.gov/vuln/detail/cve-2018-7817	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7817	Trust: 0.8
url:	https://www.schneider-electric.com/en/download/document/sevd-2018-361-01/vendor advisory	Trust: 0.6
url:	http://www.securityfocus.com/bid/106481third party advisoryvdb entry	Trust: 0.6
url:	http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true	Trust: 0.3

sources: ZDI: ZDI-19-004 // ZDI: ZDI-19-005 // CNVD: CNVD-2019-45189 // BID: 106481 // JVNDB: JVNDB-2018-014379 // CNNVD: CNNVD-201901-186 // NVD: CVE-2018-7817

CREDITS

rgod and mdm of 9sg Security Team

Trust: 0.7

sources: ZDI: ZDI-19-004

SOURCES

db:	IVD	id:	2528b8cc-a329-4001-8499-1bacd3249546
db:	ZDI	id:	ZDI-19-004
db:	ZDI	id:	ZDI-19-005
db:	CNVD	id:	CNVD-2019-45189
db:	BID	id:	106481
db:	JVNDB	id:	JVNDB-2018-014379
db:	CNNVD	id:	CNNVD-201901-186
db:	NVD	id:	CVE-2018-7817

LAST UPDATE DATE

2024-11-23T23:11:55.394000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-19-004	date:	2019-01-09T00:00:00
db:	ZDI	id:	ZDI-19-005	date:	2019-01-09T00:00:00
db:	CNVD	id:	CNVD-2019-45189	date:	2019-12-13T00:00:00
db:	BID	id:	106481	date:	2019-02-08T04:00:00
db:	JVNDB	id:	JVNDB-2018-014379	date:	2019-03-25T00:00:00
db:	CNNVD	id:	CNNVD-201901-186	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-7817	date:	2024-11-21T04:12:47.300

SOURCES RELEASE DATE

db:	IVD	id:	2528b8cc-a329-4001-8499-1bacd3249546	date:	2019-12-13T00:00:00
db:	ZDI	id:	ZDI-19-004	date:	2019-01-09T00:00:00
db:	ZDI	id:	ZDI-19-005	date:	2019-01-09T00:00:00
db:	CNVD	id:	CNVD-2019-45189	date:	2019-12-13T00:00:00
db:	BID	id:	106481	date:	2019-01-08T00:00:00
db:	JVNDB	id:	JVNDB-2018-014379	date:	2019-03-19T00:00:00
db:	CNNVD	id:	CNNVD-201901-186	date:	2019-01-10T00:00:00
db:	NVD	id:	CVE-2018-7817	date:	2019-02-06T23:29:00.590