Details of VAR-202011-1286

ID

VAR-202011-1286

CVE

CVE-2020-7550

TITLE

Schneider Electric Made Interactive Graphical SCADA System Multiple vulnerabilities in

Trust: 0.8

sources: JVNDB: JVNDB-2020-009593

DESCRIPTION

A CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 and prior that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. Interactive Graphical SCADA System (IGSS) Is Schneider Electric Software for monitoring and controlling control systems provided by the company. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of CGF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. IGSS version 14.0.0.20247 and earlier have a buffer overflow vulnerability. The vulnerability stems from inappropriate restrictions on operations within the memory buffer boundary

Trust: 2.88

sources: NVD: CVE-2020-7550 // JVNDB: JVNDB-2020-009593 // ZDI: ZDI-21-092 // CNVD: CNVD-2020-70530 // VULHUB: VHN-185675

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2020-70530

AFFECTED PRODUCTS

vendor:	schneider electric	model:	interactive graphical scada system	scope:	lte	version:	14.0.0.20247	Trust: 1.0
vendor:	schneider electric	model:	interactive graphical scada system	scope:	eq	version:	version 14.0.0.20247	Trust: 0.8
vendor:	schneider electric	model:	igss	scope:	-	version:	-	Trust: 0.7
vendor:	schneider	model:	electric interactive graphical scada system	scope:	eq	version:	14.0.0.20247	Trust: 0.6

sources: ZDI: ZDI-21-092 // CNVD: CNVD-2020-70530 // JVNDB: JVNDB-2020-009593 // NVD: CVE-2020-7550

CVSS

SEVERITY

CVSSV2

CVSSV3

IPA:	JVNDB-2020-009593
value:	HIGH
Trust: 7.2
nvd@nist.gov:	CVE-2020-7550
value:	HIGH
Trust: 1.0
ZDI:	CVE-2020-7550
value:	HIGH
Trust: 0.7
CNVD:	CNVD-2020-70530
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202011-1567
value:	HIGH
Trust: 0.6
VULHUB:	VHN-185675
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2020-7550
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
CNVD:	CNVD-2020-70530
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-185675
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

IPA score:	JVNDB-2020-009593
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 7.2
nvd@nist.gov:	CVE-2020-7550
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
ZDI:	CVE-2020-7550
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-21-092 // CNVD: CNVD-2020-70530 // VULHUB: VHN-185675 // JVNDB: JVNDB-2020-009593 // JVNDB: JVNDB-2020-009593 // JVNDB: JVNDB-2020-009593 // JVNDB: JVNDB-2020-009593 // JVNDB: JVNDB-2020-009593 // JVNDB: JVNDB-2020-009593 // JVNDB: JVNDB-2020-009593 // JVNDB: JVNDB-2020-009593 // JVNDB: JVNDB-2020-009593 // CNNVD: CNNVD-202011-1567 // NVD: CVE-2020-7550

PROBLEMTYPE DATA

problemtype:	CWE-119	Trust: 1.9
problemtype:	CWE-787	Trust: 0.8
problemtype:	CWE-125	Trust: 0.8

sources: VULHUB: VHN-185675 // JVNDB: JVNDB-2020-009593 // NVD: CVE-2020-7550

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202011-1567

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202011-1567

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-009593

PATCH

title:	Security Notification - Interactive Graphical SCADA System (IGSS)	url:	https://www.se.com/ww/en/download/document/SEVD-2020-315-03	Trust: 0.8
title:	IGSS Licensed Versions	url:	https://igss.schneider-electric.com/licensed-versions	Trust: 0.8
title:	Schneider Electric has issued an update to correct this vulnerability.	url:	https://www.se.com/ww/en/download/document/SEVD-2020-315-03/	Trust: 0.7
title:	Patch for Schneider Electric Interactive Graphical SCADA System buffer overflow vulnerability (CNVD-2020-70530)	url:	https://www.cnvd.org.cn/patchInfo/show/241747	Trust: 0.6
title:	Schneider Electric Interactive Graphical SCADA System Buffer error vulnerability fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=135155	Trust: 0.6

sources: ZDI: ZDI-21-092 // CNVD: CNVD-2020-70530 // JVNDB: JVNDB-2020-009593 // CNNVD: CNNVD-202011-1567

EXTERNAL IDS

db:	NVD	id:	CVE-2020-7550	Trust: 3.8
db:	ZDI	id:	ZDI-21-092	Trust: 2.4
db:	ICS CERT	id:	ICSA-20-324-04	Trust: 2.0
db:	SCHNEIDER	id:	SEVD-2020-315-03	Trust: 1.7
db:	JVN	id:	JVNVU99979220	Trust: 0.8
db:	JVNDB	id:	JVNDB-2020-009593	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-11168	Trust: 0.7
db:	CNNVD	id:	CNNVD-202011-1567	Trust: 0.7
db:	CNVD	id:	CNVD-2020-70530	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.4088	Trust: 0.6
db:	VULHUB	id:	VHN-185675	Trust: 0.1

sources: ZDI: ZDI-21-092 // CNVD: CNVD-2020-70530 // VULHUB: VHN-185675 // JVNDB: JVNDB-2020-009593 // CNNVD: CNNVD-202011-1567 // NVD: CVE-2020-7550

REFERENCES

url:	https://www.se.com/ww/en/download/document/sevd-2020-315-03/	Trust: 2.4
url:	https://us-cert.cisa.gov/ics/advisories/icsa-20-324-04	Trust: 2.0
url:	https://www.zerodayinitiative.com/advisories/zdi-21-092/	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7550	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7558	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7551	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7552	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7553	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7554	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7555	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7556	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7557	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu99979220	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-7550	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.4088/	Trust: 0.6

sources: ZDI: ZDI-21-092 // CNVD: CNVD-2020-70530 // VULHUB: VHN-185675 // JVNDB: JVNDB-2020-009593 // CNNVD: CNNVD-202011-1567 // NVD: CVE-2020-7550

CREDITS

kimiya

Trust: 0.7

sources: ZDI: ZDI-21-092

SOURCES

db:	ZDI	id:	ZDI-21-092
db:	CNVD	id:	CNVD-2020-70530
db:	VULHUB	id:	VHN-185675
db:	JVNDB	id:	JVNDB-2020-009593
db:	CNNVD	id:	CNNVD-202011-1567
db:	NVD	id:	CVE-2020-7550

LAST UPDATE DATE

2024-11-23T21:35:03.762000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-21-092	date:	2021-01-29T00:00:00
db:	CNVD	id:	CNVD-2020-70530	date:	2020-12-10T00:00:00
db:	VULHUB	id:	VHN-185675	date:	2021-02-01T00:00:00
db:	JVNDB	id:	JVNDB-2020-009593	date:	2020-11-19T08:46:47
db:	CNNVD	id:	CNNVD-202011-1567	date:	2021-02-01T00:00:00
db:	NVD	id:	CVE-2020-7550	date:	2024-11-21T05:37:21.777

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-21-092	date:	2021-01-29T00:00:00
db:	CNVD	id:	CNVD-2020-70530	date:	2020-11-17T00:00:00
db:	VULHUB	id:	VHN-185675	date:	2020-11-19T00:00:00
db:	JVNDB	id:	JVNDB-2020-009593	date:	2020-11-19T08:46:47
db:	CNNVD	id:	CNNVD-202011-1567	date:	2020-11-17T00:00:00
db:	NVD	id:	CVE-2020-7550	date:	2020-11-19T22:15:14.177