Sign-up

ID

VAR-202003-1445


CVE

CVE-2020-7479


TITLE

Schneider Electric Interactive Graphical SCADA System Access Control Error Vulnerability

Trust: 1.8

sources: IVD: 47cf2633-af46-4636-89d7-2c1a2edbc992 // IVD: 74948927-d328-4f80-9f7c-7522889db29e // IVD: e2497741-9c48-468f-b5ed-39ad38f987ae // CNVD: CNVD-2020-19888 // CNNVD: CNNVD-202003-1340

DESCRIPTION

A CWE-306: Missing Authentication for Critical Function vulnerability exists in IGSS (Versions 14 and prior using the service: IGSSupdate), which could allow a local user to execute processes that otherwise require escalation privileges when sending local network commands to the IGSS Update Service. IGSS There is a vulnerability in the lack of authentication for critical features.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. This vulnerability allows local attackers to escalate privileges on affected installations of Schneider Electric IGSS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the IGSSupdateservice service, which listens on TCP port 12414 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM. Schneider Electric Interactive Graphical SCADA System (IGSS) is a set of SCADA (Data Acquisition and Monitoring System) system for monitoring and controlling industrial processes by Schneider Electric (France). Schneider Electric IGSS (Interactive Graphical SCADA System) 14 and earlier versions (using IGSSupdate service) have access control error vulnerabilities. The vulnerability stems from network systems or products that do not properly restrict access to resources from unauthorized roles

Trust: 3.42

sources: NVD: CVE-2020-7479 // JVNDB: JVNDB-2020-003179 // ZDI: ZDI-20-370 // CNVD: CNVD-2020-19888 // IVD: 47cf2633-af46-4636-89d7-2c1a2edbc992 // IVD: 74948927-d328-4f80-9f7c-7522889db29e // IVD: e2497741-9c48-468f-b5ed-39ad38f987ae // VULHUB: VHN-185604

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 1.2

sources: IVD: 47cf2633-af46-4636-89d7-2c1a2edbc992 // IVD: 74948927-d328-4f80-9f7c-7522889db29e // IVD: e2497741-9c48-468f-b5ed-39ad38f987ae // CNVD: CNVD-2020-19888

AFFECTED PRODUCTS

vendor:schneider electricmodel:interactive graphical scada systemscope:gteversion:14.0

Trust: 1.0

vendor:schneider electricmodel:interactive graphical scada systemscope:ltversion:14.0.0.20009

Trust: 1.0

vendor:schneider electricmodel:interactive graphical scada systemscope:eqversion:14

Trust: 0.8

vendor:schneider electricmodel:igssscope: - version: -

Trust: 0.7

vendor:interactive graphical scada systemmodel: - scope:eqversion:*

Trust: 0.6

vendor:schneidermodel:electric igssscope:lteversion:<=14

Trust: 0.6

sources: IVD: 47cf2633-af46-4636-89d7-2c1a2edbc992 // IVD: 74948927-d328-4f80-9f7c-7522889db29e // IVD: e2497741-9c48-468f-b5ed-39ad38f987ae // ZDI: ZDI-20-370 // CNVD: CNVD-2020-19888 // JVNDB: JVNDB-2020-003179 // NVD: CVE-2020-7479

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-7479
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-003179
value: HIGH

Trust: 0.8

ZDI: CVE-2020-7479
value: HIGH

Trust: 0.7

CNVD: CNVD-2020-19888
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202003-1340
value: HIGH

Trust: 0.6

IVD: 47cf2633-af46-4636-89d7-2c1a2edbc992
value: HIGH

Trust: 0.2

IVD: 74948927-d328-4f80-9f7c-7522889db29e
value: HIGH

Trust: 0.2

IVD: e2497741-9c48-468f-b5ed-39ad38f987ae
value: HIGH

Trust: 0.2

VULHUB: VHN-185604
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-7479
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-003179
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2020-19888
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 47cf2633-af46-4636-89d7-2c1a2edbc992
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 74948927-d328-4f80-9f7c-7522889db29e
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: e2497741-9c48-468f-b5ed-39ad38f987ae
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-185604
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-7479
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: JVNDB-2020-003179
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2020-7479
baseSeverity: HIGH
baseScore: 7.8
vectorString: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: IVD: 47cf2633-af46-4636-89d7-2c1a2edbc992 // IVD: 74948927-d328-4f80-9f7c-7522889db29e // IVD: e2497741-9c48-468f-b5ed-39ad38f987ae // ZDI: ZDI-20-370 // CNVD: CNVD-2020-19888 // VULHUB: VHN-185604 // JVNDB: JVNDB-2020-003179 // CNNVD: CNNVD-202003-1340 // NVD: CVE-2020-7479

PROBLEMTYPE DATA

problemtype:CWE-306

Trust: 1.9

sources: VULHUB: VHN-185604 // JVNDB: JVNDB-2020-003179 // NVD: CVE-2020-7479

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202003-1340

TYPE

Access control error

Trust: 1.2

sources: IVD: 47cf2633-af46-4636-89d7-2c1a2edbc992 // IVD: 74948927-d328-4f80-9f7c-7522889db29e // IVD: e2497741-9c48-468f-b5ed-39ad38f987ae // CNNVD: CNNVD-202003-1340

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-003179

PATCH
title:SEVD-2020-070-01url:https://www.se.com/ww/en/download/document/SEVD-2020-070-01/
Trust: 0.8
title:Schneider Electric has issued an update to correct this vulnerability.url:https://www.us-cert.gov/ics/advisories/icsa-20-084-02
Trust: 0.7
title:Patch for Schneider Electric Interactive Graphical SCADA System Access Control Error Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/211413
Trust: 0.6
title:Schneider Electric Interactive Graphical SCADA System Fixes for access control error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=112782
Trust: 0.6
sources:
            
            
            ZDI: ZDI-20-370 // 
            
            
            
            CNVD: CNVD-2020-19888 // 
            
            
            
            JVNDB: JVNDB-2020-003179 // 
            
            
            
            CNNVD: CNNVD-202003-1340

EXTERNAL IDS
db:NVDid:CVE-2020-7479
Trust: 4.4
db:ZDIid:ZDI-20-370
Trust: 2.4
db:SCHNEIDERid:SEVD-2020-070-01
Trust: 1.7
db:ICS CERTid:ICSA-20-084-02
Trust: 1.4
db:CNVDid:CNVD-2020-19888
Trust: 1.3
db:CNNVDid:CNNVD-202003-1340
Trust: 1.3
db:JVNDBid:JVNDB-2020-003179
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-9758
Trust: 0.7
db:NSFOCUSid:46227
Trust: 0.6
db:AUSCERTid:ESB-2020.1085
Trust: 0.6
db:IVDid:47CF2633-AF46-4636-89D7-2C1A2EDBC992
Trust: 0.2
db:IVDid:74948927-D328-4F80-9F7C-7522889DB29E
Trust: 0.2
db:IVDid:E2497741-9C48-468F-B5ED-39AD38F987AE
Trust: 0.2
db:VULHUBid:VHN-185604
Trust: 0.1
sources:
            
            
            IVD: 47cf2633-af46-4636-89d7-2c1a2edbc992 // 
            
            
            
            IVD: 74948927-d328-4f80-9f7c-7522889db29e // 
            
            
            
            IVD: e2497741-9c48-468f-b5ed-39ad38f987ae // 
            
            
            
            ZDI: ZDI-20-370 // 
            
            
            
            CNVD: CNVD-2020-19888 // 
            
            
            
            VULHUB: VHN-185604 // 
            
            
            
            JVNDB: JVNDB-2020-003179 // 
            
            
            
            CNNVD: CNNVD-202003-1340 // 
            
            
            
            NVD: CVE-2020-7479

REFERENCES
url:https://www.us-cert.gov/ics/advisories/icsa-20-084-02
Trust: 2.1
url:https://nvd.nist.gov/vuln/detail/cve-2020-7479
Trust: 2.0
url:https://www.se.com/ww/en/download/document/sevd-2020-070-01/
Trust: 1.7
url:https://www.zerodayinitiative.com/advisories/zdi-20-370/
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7479
Trust: 0.8
url:http://www.nsfocus.net/vulndb/46227
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2020.1085/
Trust: 0.6
sources:
            
            
            ZDI: ZDI-20-370 // 
            
            
            
            CNVD: CNVD-2020-19888 // 
            
            
            
            VULHUB: VHN-185604 // 
            
            
            
            JVNDB: JVNDB-2020-003179 // 
            
            
            
            CNNVD: CNNVD-202003-1340 // 
            
            
            
            NVD: CVE-2020-7479

CREDITS
Anonymous
Trust: 0.7
sources:
            
            
            ZDI: ZDI-20-370

SOURCES
db:IVDid:47cf2633-af46-4636-89d7-2c1a2edbc992
db:IVDid:74948927-d328-4f80-9f7c-7522889db29e
db:IVDid:e2497741-9c48-468f-b5ed-39ad38f987ae
db:ZDIid:ZDI-20-370
db:CNVDid:CNVD-2020-19888
db:VULHUBid:VHN-185604
db:JVNDBid:JVNDB-2020-003179
db:CNNVDid:CNNVD-202003-1340
db:NVDid:CVE-2020-7479

LAST UPDATE DATE
2024-11-23T22:44:38.143000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-20-370date:2020-04-03T00:00:00
db:CNVDid:CNVD-2020-19888date:2020-03-28T00:00:00
db:VULHUBid:VHN-185604date:2022-10-06T00:00:00
db:JVNDBid:JVNDB-2020-003179date:2020-06-24T00:00:00
db:CNNVDid:CNNVD-202003-1340date:2020-04-07T00:00:00
db:NVDid:CVE-2020-7479date:2024-11-21T05:37:13.673

SOURCES RELEASE DATE
db:IVDid:47cf2633-af46-4636-89d7-2c1a2edbc992date:2020-03-23T00:00:00
db:IVDid:74948927-d328-4f80-9f7c-7522889db29edate:2020-03-23T00:00:00
db:IVDid:e2497741-9c48-468f-b5ed-39ad38f987aedate:2020-03-23T00:00:00
db:ZDIid:ZDI-20-370date:2020-04-03T00:00:00
db:CNVDid:CNVD-2020-19888date:2020-03-28T00:00:00
db:VULHUBid:VHN-185604date:2020-03-23T00:00:00
db:JVNDBid:JVNDB-2020-003179date:2020-04-07T00:00:00
db:CNNVDid:CNNVD-202003-1340date:2020-03-23T00:00:00
db:NVDid:CVE-2020-7479date:2020-03-23T20:15:12.450