Sign-up

ID

VAR-202007-0047


CVE

CVE-2020-10920


TITLE

C-More HMI EA9 access control error vulnerability

Trust: 1.2

sources: CNVD: CNVD-2020-49044 // CNNVD: CNNVD-202007-347

DESCRIPTION

This vulnerability allows remote attackers to execute arbitrary code on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not required to exploit this vulnerability. The specific flaw exists within the control service, which listens on TCP port 9999 by default. The issue results from the lack of authentication prior to allowing alterations to the system configuration. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-10493. Zero Day Initiative To this vulnerability ZDI-CAN-10493 Was numbered.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. C-More HMI EA9 is a human-machine interface touch panel

Trust: 2.79

sources: NVD: CVE-2020-10920 // JVNDB: JVNDB-2020-008746 // ZDI: ZDI-20-808 // CNVD: CNVD-2020-49044

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-49044

AFFECTED PRODUCTS

vendor:automationdirectmodel:c-more hmi ea9scope:eqversion:6.52

Trust: 1.8

vendor:c moremodel:hmi ea9scope: - version: -

Trust: 0.7

vendor:c moremodel:hmi ea9scope:eqversion:6.52

Trust: 0.6

sources: ZDI: ZDI-20-808 // CNVD: CNVD-2020-49044 // JVNDB: JVNDB-2020-008746 // NVD: CVE-2020-10920

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-10920
value: CRITICAL

Trust: 1.0

zdi-disclosures@trendmicro.com: CVE-2020-10920
value: CRITICAL

Trust: 1.0

NVD: JVNDB-2020-008746
value: CRITICAL

Trust: 0.8

ZDI: CVE-2020-10920
value: CRITICAL

Trust: 0.7

CNVD: CNVD-2020-49044
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202007-347
value: CRITICAL

Trust: 0.6

nvd@nist.gov: CVE-2020-10920
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-008746
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2020-49044
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2020-10920
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

zdi-disclosures@trendmicro.com: CVE-2020-10920
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.0

NVD: JVNDB-2020-008746
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2020-10920
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-20-808 // CNVD: CNVD-2020-49044 // JVNDB: JVNDB-2020-008746 // CNNVD: CNNVD-202007-347 // NVD: CVE-2020-10920 // NVD: CVE-2020-10920

PROBLEMTYPE DATA

problemtype:CWE-306

Trust: 1.8

sources: JVNDB: JVNDB-2020-008746 // NVD: CVE-2020-10920

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202007-347

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-202007-347

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-008746

PATCH
title:Top Pageurl:https://www.automationdirect.com/
Trust: 0.8
title:Patch for C-More HMI EA9 access control error vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/232072
Trust: 0.6
title:C-More HMI EA9 Fixes for access control error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=124861
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-49044 // 
            
            
            
            JVNDB: JVNDB-2020-008746 // 
            
            
            
            CNNVD: CNNVD-202007-347

EXTERNAL IDS
db:NVDid:CVE-2020-10920
Trust: 3.7
db:ZDIid:ZDI-20-808
Trust: 3.7
db:JVNDBid:JVNDB-2020-008746
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-10493
Trust: 0.7
db:CNVDid:CNVD-2020-49044
Trust: 0.6
db:CNNVDid:CNNVD-202007-347
Trust: 0.6
sources:
            
            
            ZDI: ZDI-20-808 // 
            
            
            
            CNVD: CNVD-2020-49044 // 
            
            
            
            JVNDB: JVNDB-2020-008746 // 
            
            
            
            CNNVD: CNNVD-202007-347 // 
            
            
            
            NVD: CVE-2020-10920

REFERENCES
url:https://www.zerodayinitiative.com/advisories/zdi-20-808/
Trust: 3.0
url:https://nvd.nist.gov/vuln/detail/cve-2020-10920
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10920
Trust: 0.8
sources:
            
            
            CNVD: CNVD-2020-49044 // 
            
            
            
            JVNDB: JVNDB-2020-008746 // 
            
            
            
            CNNVD: CNNVD-202007-347 // 
            
            
            
            NVD: CVE-2020-10920

CREDITS
Ta-Lun Yen & Chizuru Toyama of TXOne IoT/ICS Security Research Labs (Trend Micro)
Trust: 0.7
sources:
            
            
            ZDI: ZDI-20-808

SOURCES
db:ZDIid:ZDI-20-808
db:CNVDid:CNVD-2020-49044
db:JVNDBid:JVNDB-2020-008746
db:CNNVDid:CNNVD-202007-347
db:NVDid:CVE-2020-10920

LAST UPDATE DATE
2024-11-23T22:58:11.900000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-20-808date:2020-07-08T00:00:00
db:CNVDid:CNVD-2020-49044date:2020-08-28T00:00:00
db:JVNDBid:JVNDB-2020-008746date:2020-09-24T00:00:00
db:CNNVDid:CNNVD-202007-347date:2020-07-29T00:00:00
db:NVDid:CVE-2020-10920date:2024-11-21T04:56:22.320

SOURCES RELEASE DATE
db:ZDIid:ZDI-20-808date:2020-07-07T00:00:00
db:CNVDid:CNVD-2020-49044date:2020-08-28T00:00:00
db:JVNDBid:JVNDB-2020-008746date:2020-09-24T00:00:00
db:CNNVDid:CNNVD-202007-347date:2020-07-07T00:00:00
db:NVDid:CVE-2020-10920date:2020-07-23T16:15:12.257