Sign-up

ID

VAR-202101-0360


CVE

CVE-2020-27280


TITLE

plural Delta Electronics Product vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2021-001012

DESCRIPTION

A use after free issue has been identified in the way ISPSoft(v3.12 and prior) processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution. Delta Electronics The following vulnerabilities exist in multiple products provided by the company. ‥ * Use of freed memory (Use-after-free) (CWE-416) - CVE-2020-27280 ‥ * Untrusted pointer reference (CWE-822) - CVE-2020-27288 ‥ * Out-of-bounds writing (CWE-787) - CVE-2020-27284Both vulnerabilities could allow arbitrary code to be executed with application privileges by processing a specially crafted project file. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation ISPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of ISP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Delta Electronics ISPSoft is a set of PLC (Programmable Logic Controller) programming software of Delta Electronics, Taiwan, China. Delta Electronics ISPSoft v3.12 and prior has an access control error vulnerability, which is caused by the network system or product improperly restricting access to resources from unauthorized roles

Trust: 2.88

sources: NVD: CVE-2020-27280 // JVNDB: JVNDB-2021-001012 // ZDI: ZDI-21-079 // CNVD: CNVD-2021-05447 // VULMON: CVE-2020-27280

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-05447

AFFECTED PRODUCTS

vendor:deltawwmodel:ispsoftscope:lteversion:3.12

Trust: 1.0

vendor:deltamodel:ispsoftscope:eqversion:v3.12 - cve-2020-27280

Trust: 0.8

vendor:deltamodel:tpeditorscope:eqversion:v1.98 - cve-2020-27284、cve-2020-27288

Trust: 0.8

vendor:delta industrial automationmodel:ispsoftscope: - version: -

Trust: 0.7

vendor:deltamodel:electronics ispsoftscope:lteversion:<=v3.12

Trust: 0.6

sources: ZDI: ZDI-21-079 // CNVD: CNVD-2021-05447 // JVNDB: JVNDB-2021-001012 // NVD: CVE-2020-27280

CVSS

SEVERITY

CVSSV2

CVSSV3

IPA: JVNDB-2021-001012
value: HIGH

Trust: 2.4

nvd@nist.gov: CVE-2020-27280
value: HIGH

Trust: 1.0

ZDI: CVE-2020-27280
value: HIGH

Trust: 0.7

CNVD: CNVD-2021-05447
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202101-1642
value: HIGH

Trust: 0.6

VULMON: CVE-2020-27280
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-27280
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

CNVD: CNVD-2021-05447
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IPA score: JVNDB-2021-001012
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 2.4

nvd@nist.gov: CVE-2020-27280
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

ZDI: CVE-2020-27280
baseSeverity: HIGH
baseScore: 7.8
vectorString: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-21-079 // CNVD: CNVD-2021-05447 // VULMON: CVE-2020-27280 // JVNDB: JVNDB-2021-001012 // JVNDB: JVNDB-2021-001012 // JVNDB: JVNDB-2021-001012 // CNNVD: CNNVD-202101-1642 // NVD: CVE-2020-27280

PROBLEMTYPE DATA

problemtype:CWE-416

Trust: 1.8

problemtype:CWE-787

Trust: 0.8

problemtype:CWE-822

Trust: 0.8

sources: JVNDB: JVNDB-2021-001012 // NVD: CVE-2020-27280

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202101-1642

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202101-1642

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2021-001012

PATCH
title:Download Center (TPEditor)url:https://downloadcenter.deltaww.com/en-US/DownloadCenter?v=1&CID=06&itemID=060302&dataType=8&q=TPEditor
Trust: 0.8
title:Delta Industrial Automation has issued an update to correct this vulnerability.url:https://us-cert.cisa.gov/ics/advisories/icsa-21-021-01
Trust: 0.7
title:Patch for Delta Electronics ISPSoft access control error vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/248981
Trust: 0.6
title:Delta Electronics ISPSoft Remediation of resource management error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=139893
Trust: 0.6
sources:
            
            
            ZDI: ZDI-21-079 // 
            
            
            
            CNVD: CNVD-2021-05447 // 
            
            
            
            JVNDB: JVNDB-2021-001012 // 
            
            
            
            CNNVD: CNNVD-202101-1642

EXTERNAL IDS
db:NVDid:CVE-2020-27280
Trust: 3.8
db:ICS CERTid:ICSA-21-021-01
Trust: 3.1
db:JVNid:JVNVU95339074
Trust: 0.8
db:ICS CERTid:ICSA-21-021-02
Trust: 0.8
db:JVNDBid:JVNDB-2021-001012
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-11489
Trust: 0.7
db:ZDIid:ZDI-21-079
Trust: 0.7
db:CNVDid:CNVD-2021-05447
Trust: 0.6
db:AUSCERTid:ESB-2021.0258
Trust: 0.6
db:CNNVDid:CNNVD-202101-1642
Trust: 0.6
db:VULMONid:CVE-2020-27280
Trust: 0.1
sources:
            
            
            ZDI: ZDI-21-079 // 
            
            
            
            CNVD: CNVD-2021-05447 // 
            
            
            
            VULMON: CVE-2020-27280 // 
            
            
            
            JVNDB: JVNDB-2021-001012 // 
            
            
            
            CNNVD: CNNVD-202101-1642 // 
            
            
            
            NVD: CVE-2020-27280

REFERENCES
url:https://us-cert.cisa.gov/ics/advisories/icsa-21-021-01
Trust: 3.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-27280
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-27284
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-27288
Trust: 0.8
url:https://us-cert.cisa.gov/ics/advisories/icsa-21-021-02
Trust: 0.8
url:http://jvn.jp/cert/jvnvu95339074
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2020-27280
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2021.0258/
Trust: 0.6
url:https://cwe.mitre.org/data/definitions/416.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/195495
Trust: 0.1
sources:
            
            
            ZDI: ZDI-21-079 // 
            
            
            
            CNVD: CNVD-2021-05447 // 
            
            
            
            VULMON: CVE-2020-27280 // 
            
            
            
            JVNDB: JVNDB-2021-001012 // 
            
            
            
            CNNVD: CNNVD-202101-1642 // 
            
            
            
            NVD: CVE-2020-27280

CREDITS
Francis Provencher {PRL}
Trust: 0.7
sources:
            
            
            ZDI: ZDI-21-079

SOURCES
db:ZDIid:ZDI-21-079
db:CNVDid:CNVD-2021-05447
db:VULMONid:CVE-2020-27280
db:JVNDBid:JVNDB-2021-001012
db:CNNVDid:CNNVD-202101-1642
db:NVDid:CVE-2020-27280

LAST UPDATE DATE
2024-11-23T22:33:09.850000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-21-079date:2021-01-22T00:00:00
db:CNVDid:CNVD-2021-05447date:2021-02-23T00:00:00
db:VULMONid:CVE-2020-27280date:2021-02-02T00:00:00
db:JVNDBid:JVNDB-2021-001012date:2021-01-25T07:03:55
db:CNNVDid:CNNVD-202101-1642date:2021-02-09T00:00:00
db:NVDid:CVE-2020-27280date:2024-11-21T05:20:59.337

SOURCES RELEASE DATE
db:ZDIid:ZDI-21-079date:2021-01-22T00:00:00
db:CNVDid:CNVD-2021-05447date:2021-01-24T00:00:00
db:VULMONid:CVE-2020-27280date:2021-01-26T00:00:00
db:JVNDBid:JVNDB-2021-001012date:2021-01-25T07:03:55
db:CNNVDid:CNNVD-202101-1642date:2021-01-21T00:00:00
db:NVDid:CVE-2020-27280date:2021-01-26T18:15:45.803