Details of VAR-201907-0067

ID

VAR-201907-0067

CVE

CVE-2019-6822

TITLE

Zelio Soft 2 Uses freed memory vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-006480

DESCRIPTION

A Use After Free: CWE-416 vulnerability exists in Zelio Soft 2, V5.2 and earlier, which could cause remote code execution when opening a specially crafted Zelio Soft 2 project file. Zelio Soft 2 Contains a vulnerability in the use of freed memory.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric ZelioSoft 2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of ZM2 files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Schneider Electric Zelio Soft 2 version 5.2 and prior are vulnerable

Trust: 2.52

sources: NVD: CVE-2019-6822 // JVNDB: JVNDB-2019-006480 // ZDI: ZDI-19-658 // BID: 109100

AFFECTED PRODUCTS

vendor:	schneider electric	model:	zelio soft 2	scope:	lte	version:	5.2	Trust: 1.8
vendor:	schneider electric	model:	zelio soft 2	scope:	-	version:	-	Trust: 0.7
vendor:	schneider electric	model:	zelio soft	scope:	eq	version:	25.2	Trust: 0.3
vendor:	schneider electric	model:	zelio soft	scope:	eq	version:	25.1	Trust: 0.3
vendor:	schneider electric	model:	zelio soft	scope:	ne	version:	25.3	Trust: 0.3

sources: ZDI: ZDI-19-658 // BID: 109100 // JVNDB: JVNDB-2019-006480 // NVD: CVE-2019-6822

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2019-6822
value:	HIGH
Trust: 1.8
ZDI:	CVE-2019-6822
value:	HIGH
Trust: 0.7
CNNVD:	CNNVD-201907-521
value:	HIGH
Trust: 0.6

NVD:	CVE-2019-6822
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8

NVD:	CVE-2019-6822
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 1.8
ZDI:	CVE-2019-6822
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-19-658 // JVNDB: JVNDB-2019-006480 // CNNVD: CNNVD-201907-521 // NVD: CVE-2019-6822

PROBLEMTYPE DATA

problemtype:

CWE-416

Trust: 1.8

sources: JVNDB: JVNDB-2019-006480 // NVD: CVE-2019-6822

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201907-521

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201907-521

CONFIGURATIONS

sources: NVD: CVE-2019-6822

PATCH

title:	SEVD-2019-190-01	url:	https://www.schneider-electric.com/ww/en/download/document/sevd-2019-190-01	Trust: 0.8
title:	Schneider Electric has issued an update to correct this vulnerability.	url:	https://www.us-cert.gov/ics/advisories/icsa-19-190-03	Trust: 0.7
title:	Schneider Electric Zelio Soft 2 Remediation of resource management error vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=94654	Trust: 0.6

sources: ZDI: ZDI-19-658 // JVNDB: JVNDB-2019-006480 // CNNVD: CNNVD-201907-521

EXTERNAL IDS

db:	NVD	id:	CVE-2019-6822	Trust: 3.4
db:	ICS CERT	id:	ICSA-19-190-03	Trust: 2.7
db:	ZDI	id:	ZDI-19-658	Trust: 2.3
db:	BID	id:	109100	Trust: 1.9
db:	SCHNEIDER	id:	SEVD-2019-190-01	Trust: 1.6
db:	JVNDB	id:	JVNDB-2019-006480	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-7895	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.2523	Trust: 0.6
db:	CNNVD	id:	CNNVD-201907-521	Trust: 0.6

sources: ZDI: ZDI-19-658 // BID: 109100 // JVNDB: JVNDB-2019-006480 // CNNVD: CNNVD-201907-521 // NVD: CVE-2019-6822

REFERENCES

url:	https://www.us-cert.gov/ics/advisories/icsa-19-190-03	Trust: 3.4
url:	https://www.securityfocus.com/bid/109100	Trust: 2.2
url:	https://www.schneider-electric.com/ww/en/download/document/sevd-2019-190-01	Trust: 1.6
url:	https://www.zerodayinitiative.com/advisories/zdi-19-658/	Trust: 1.6
url:	https://nvd.nist.gov/vuln/detail/cve-2019-6822	Trust: 1.4
url:	http://www.schneider-electric.com/products/ww/en/	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6822	Trust: 0.8
url:	https://www.auscert.org.au/bulletins/esb-2019.2523/	Trust: 0.6

sources: ZDI: ZDI-19-658 // BID: 109100 // JVNDB: JVNDB-2019-006480 // CNNVD: CNNVD-201907-521 // NVD: CVE-2019-6822

CREDITS

9sg Security Team working with Trend Micro Zero Day Initiative

Trust: 0.9

sources: BID: 109100 // CNNVD: CNNVD-201907-521

SOURCES

db:	ZDI	id:	ZDI-19-658
db:	BID	id:	109100
db:	JVNDB	id:	JVNDB-2019-006480
db:	CNNVD	id:	CNNVD-201907-521
db:	NVD	id:	CVE-2019-6822

LAST UPDATE DATE

2022-05-04T09:10:15.048000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-19-658	date:	2019-07-10T00:00:00
db:	BID	id:	109100	date:	2019-07-09T00:00:00
db:	JVNDB	id:	JVNDB-2019-006480	date:	2019-08-05T00:00:00
db:	CNNVD	id:	CNNVD-201907-521	date:	2019-07-23T00:00:00
db:	NVD	id:	CVE-2019-6822	date:	2019-07-22T20:15:00

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-19-658	date:	2019-07-10T00:00:00
db:	BID	id:	109100	date:	2019-07-09T00:00:00
db:	JVNDB	id:	JVNDB-2019-006480	date:	2019-07-22T00:00:00
db:	CNNVD	id:	CNNVD-201907-521	date:	2019-07-09T00:00:00
db:	NVD	id:	CVE-2019-6822	date:	2019-07-15T21:15:00