Sign-up

ID

VAR-202004-0074


CVE

CVE-2020-10611


TITLE

plural Triangle MicroWorks Product vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2020-003486

DESCRIPTION

Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type confusion condition. Authentication is not required to exploit this vulnerability. Only applicable to installations using DNP3 Data Sets. Triangle MicroWorks Library for control systems provided by the company DNP3 Outstation Libraries , And data management applications for control systems SCADA Data Gateway The following vulnerabilities exist in. DNP3 Outstation Libraries * Stack-based buffer overflow (CWE-121) - CVE-2020-6966 SCADA Data Gateway * Wrong type (CWE-843) - CVE-2020-10611 * Out-of-bounds read (CWE-125) - CVE-2020-10613 * Stack-based buffer overflow (CWE-121) - CVE-2020-10615The expected impact depends on each vulnerability, but it may be affected as follows. * Code execution stopped by an unauthenticated remote third party - CVE-2020-6966 * Arbitrary code executed by an unauthenticated remote third party - CVE-2020-10611 * Sensitive information stolen by an unauthenticated remote third party - CVE-2020-10613 * Interfering with service operations by an unauthenticated remote third party (DoS) Be attacked - CVE-2020-10615. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Triangle MicroWorks SCADA Data Gateway is a SCADA data gateway product of American Triangle MicroWorks company

Trust: 2.97

sources: NVD: CVE-2020-10611 // JVNDB: JVNDB-2020-003486 // ZDI: ZDI-20-549 // CNVD: CNVD-2020-28050 // VULHUB: VHN-163107 // VULMON: CVE-2020-10611

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-28050

AFFECTED PRODUCTS

vendor:trianglemicroworksmodel:scada data gatewayscope:lteversion:4.0.122

Trust: 1.0

vendor:trianglemicroworksmodel:scada data gatewayscope:gteversion:2.41.0213

Trust: 1.0

vendor:triangle microworksmodel:dnp3 outstationscope:eqversion:.net protocol components version 3.16.00 から 3.25.01

Trust: 0.8

vendor:triangle microworksmodel:dnp3 outstationscope:eqversion:ansi c source code libraries version 3.16.00 から 3.25.01

Trust: 0.8

vendor:triangle microworksmodel:scada data gatewayscope:eqversion:software version 2.41.0213 から 4.0.122

Trust: 0.8

vendor:triangle microworksmodel:scada data gatewayscope: - version: -

Trust: 0.7

vendor:trianglemodel:microworks scada data gatewayscope:gteversion:3.02.0697,<=4.0.122

Trust: 0.6

vendor:trianglemodel:microworks scada data gatewayscope:gteversion:2.41.0213,<=4.0.122

Trust: 0.6

sources: ZDI: ZDI-20-549 // CNVD: CNVD-2020-28050 // JVNDB: JVNDB-2020-003486 // NVD: CVE-2020-10611

CVSS

SEVERITY

CVSSV2

CVSSV3

IPA: JVNDB-2020-003486
value: CRITICAL

Trust: 1.6

IPA: JVNDB-2020-003486
value: HIGH

Trust: 1.6

nvd@nist.gov: CVE-2020-10611
value: CRITICAL

Trust: 1.0

ZDI: CVE-2020-10611
value: CRITICAL

Trust: 0.7

CNVD: CNVD-2020-28050
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202004-945
value: CRITICAL

Trust: 0.6

VULHUB: VHN-163107
value: HIGH

Trust: 0.1

VULMON: CVE-2020-10611
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2020-10611
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

CNVD: CNVD-2020-28050
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-163107
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-10611
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

IPA score: JVNDB-2020-003486
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

IPA score: JVNDB-2020-003486
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: 3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

IPA score: JVNDB-2020-003486
baseSeverity: HIGH
baseScore: 5.3
vectorString: 3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

IPA score: JVNDB-2020-003486
baseSeverity: HIGH
baseScore: 7.5
vectorString: 3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2020-10611
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-20-549 // CNVD: CNVD-2020-28050 // VULHUB: VHN-163107 // VULMON: CVE-2020-10611 // JVNDB: JVNDB-2020-003486 // JVNDB: JVNDB-2020-003486 // JVNDB: JVNDB-2020-003486 // JVNDB: JVNDB-2020-003486 // CNNVD: CNNVD-202004-945 // NVD: CVE-2020-10611

PROBLEMTYPE DATA

problemtype:CWE-843

Trust: 1.9

problemtype:CWE-121

Trust: 0.8

problemtype:CWE-125

Trust: 0.8

sources: VULHUB: VHN-163107 // JVNDB: JVNDB-2020-003486 // NVD: CVE-2020-10611

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202004-945

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202004-945

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-003486

PATCH
title:Support Request: .NET Protocol Componentsurl:https://www.trianglemicroworks.com/support/dotnet-protocol-components
Trust: 0.8
title:Support Request: Source Code Libraryurl:https://www.trianglemicroworks.com/support/source-code-libraries
Trust: 0.8
title:Support Request: SCADA Data Gatewayurl:https://www.trianglemicroworks.com/support/scada-data-gateway
Trust: 0.8
title:Triangle MicroWorks has issued an update to correct this vulnerability.url:https://www.us-cert.gov/ics/advisories/icsa-20-105-03
Trust: 0.7
title:Patch for Triangle MicroWorks SCADA Data Gateway Type Confusion Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/217387
Trust: 0.6
sources:
            
            
            ZDI: ZDI-20-549 // 
            
            
            
            CNVD: CNVD-2020-28050 // 
            
            
            
            JVNDB: JVNDB-2020-003486

EXTERNAL IDS
db:NVDid:CVE-2020-10611
Trust: 3.9
db:ICS CERTid:ICSA-20-105-03
Trust: 3.2
db:ZDIid:ZDI-20-549
Trust: 2.5
db:ICS CERTid:ICSA-20-105-02
Trust: 0.8
db:JVNid:JVNVU93838113
Trust: 0.8
db:JVNDBid:JVNDB-2020-003486
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-10301
Trust: 0.7
db:CNNVDid:CNNVD-202004-945
Trust: 0.7
db:CNVDid:CNVD-2020-28050
Trust: 0.6
db:AUSCERTid:ESB-2020.1310
Trust: 0.6
db:NSFOCUSid:47417
Trust: 0.6
db:VULHUBid:VHN-163107
Trust: 0.1
db:VULMONid:CVE-2020-10611
Trust: 0.1
sources:
            
            
            ZDI: ZDI-20-549 // 
            
            
            
            CNVD: CNVD-2020-28050 // 
            
            
            
            VULHUB: VHN-163107 // 
            
            
            
            VULMON: CVE-2020-10611 // 
            
            
            
            JVNDB: JVNDB-2020-003486 // 
            
            
            
            CNNVD: CNNVD-202004-945 // 
            
            
            
            NVD: CVE-2020-10611

REFERENCES
url:https://www.us-cert.gov/ics/advisories/icsa-20-105-03
Trust: 4.5
url:https://www.zerodayinitiative.com/advisories/zdi-20-549/
Trust: 1.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10611
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10613
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10615
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-6996
Trust: 0.8
url:https://www.us-cert.gov/ics/advisories/icsa-20-105-02
Trust: 0.8
url:https://jvn.jp/vu/jvnvu93838113/
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2020-10611
Trust: 0.6
url:http://www.nsfocus.net/vulndb/47417
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2020.1310/
Trust: 0.6
url:https://cwe.mitre.org/data/definitions/843.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/179594
Trust: 0.1
sources:
            
            
            ZDI: ZDI-20-549 // 
            
            
            
            CNVD: CNVD-2020-28050 // 
            
            
            
            VULHUB: VHN-163107 // 
            
            
            
            VULMON: CVE-2020-10611 // 
            
            
            
            JVNDB: JVNDB-2020-003486 // 
            
            
            
            CNNVD: CNNVD-202004-945 // 
            
            
            
            NVD: CVE-2020-10611

CREDITS
Tobias Scharnowski, Niklas Breitfeld, and Ali Abbasi
Trust: 0.7
sources:
            
            
            ZDI: ZDI-20-549

SOURCES
db:ZDIid:ZDI-20-549
db:CNVDid:CNVD-2020-28050
db:VULHUBid:VHN-163107
db:VULMONid:CVE-2020-10611
db:JVNDBid:JVNDB-2020-003486
db:CNNVDid:CNNVD-202004-945
db:NVDid:CVE-2020-10611

LAST UPDATE DATE
2024-11-23T21:51:36.244000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-20-549date:2020-04-16T00:00:00
db:CNVDid:CNVD-2020-28050date:2020-05-13T00:00:00
db:VULHUBid:VHN-163107date:2020-04-22T00:00:00
db:VULMONid:CVE-2020-10611date:2020-04-22T00:00:00
db:JVNDBid:JVNDB-2020-003486date:2020-04-17T00:00:00
db:CNNVDid:CNNVD-202004-945date:2020-08-05T00:00:00
db:NVDid:CVE-2020-10611date:2024-11-21T04:55:41.810

SOURCES RELEASE DATE
db:ZDIid:ZDI-20-549date:2020-04-16T00:00:00
db:CNVDid:CNVD-2020-28050date:2020-05-13T00:00:00
db:VULHUBid:VHN-163107date:2020-04-15T00:00:00
db:VULMONid:CVE-2020-10611date:2020-04-15T00:00:00
db:JVNDBid:JVNDB-2020-003486date:2020-04-17T00:00:00
db:CNNVDid:CNNVD-202004-945date:2020-04-14T00:00:00
db:NVDid:CVE-2020-10611date:2020-04-15T19:15:13.613