ID

VAR-202103-0442


CVE

CVE-2021-22711


TITLE

Interactive Graphical SCADA System Buffer Error Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2021-004401

DESCRIPTION

A CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior. Because input data is not validated, importing a malicious CGF (Configuration Group File) into IGSS Definition could result in arbitrary read or write conditions.

Interactive Graphical SCADA System (IGSS) is vulnerable to a buffer error. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result.

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CGF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process.

Schneider Electric Interactive Graphical SCADA System (IGSS) is a SCADA (supervisory control and data acquisition) system from the French company Schneider Electric, used to monitor and control industrial processes. Interactive Graphical SCADA System (IGSS) Definition V15.0.0.21041 and earlier versions have a buffer overflow vulnerability. The vulnerability stems from the program's failure to correctly validate input. Attackers can use this vulnerability to cause arbitrary reads and writes by importing malicious CGF (Configuration Group File) files.

Trust: 2.88

sources: NVD: CVE-2021-22711 // JVNDB: JVNDB-2021-004401 // ZDI: ZDI-21-273 // CNVD: CNVD-2021-31177 // VULHUB: VHN-381185

IOT TAXONOMY

category: ['ICS']
sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-31177

AFFECTED PRODUCTS

vendor: schneider electric
model: interactive graphical scada system
scope: lte
version: 15.0.0.21041

Trust: 1.0

vendor: schneider electric
model: interactive graphical scada system
scope: eq
version: -

Trust: 0.8

vendor: schneider electric
model: interactive graphical scada system
scope: lte
version: 15.0.0.21041 and earlier

Trust: 0.8

vendor: schneider electric
model: igss
scope: -
version: -

Trust: 0.7

vendor: schneider
model: electric interactive graphical scada system definition
scope: lte
version: <=v15.0.0.21041

Trust: 0.6

sources: ZDI: ZDI-21-273 // CNVD: CNVD-2021-31177 // JVNDB: JVNDB-2021-004401 // NVD: CVE-2021-22711

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-22711
value: HIGH

Trust: 1.0

NVD: CVE-2021-22711
value: HIGH

Trust: 0.8

ZDI: CVE-2021-22711
value: HIGH

Trust: 0.7

CNVD: CNVD-2021-31177
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202103-807
value: HIGH

Trust: 0.6

VULHUB: VHN-381185
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2021-22711
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2021-31177
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-381185
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-22711
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2021-22711
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2021-22711
baseSeverity: HIGH
baseScore: 7.8
vectorString: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-21-273 // CNVD: CNVD-2021-31177 // VULHUB: VHN-381185 // JVNDB: JVNDB-2021-004401 // CNNVD: CNNVD-202103-807 // NVD: CVE-2021-22711

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.1

problemtype:Buffer error (CWE-119) [ Other ]

Trust: 0.8

sources: VULHUB: VHN-381185 // JVNDB: JVNDB-2021-004401 // NVD: CVE-2021-22711

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202103-807

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202103-807

PATCH

title: Product Documentation & Software downloads Schneider Electric Security Notification
url: https://www.se.com/ww/en/download/document/SEVD-2021-068-01

Trust: 0.8

title: Schneider Electric has issued an update to correct this vulnerability.
url: https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-068-01

Trust: 0.7

title: Patch for Schneider Electric Interactive Graphical SCADA System buffer overflow vulnerability (CNVD-2021-31177)
url: https://www.cnvd.org.cn/patchInfo/show/261436

Trust: 0.6

sources: ZDI: ZDI-21-273 // CNVD: CNVD-2021-31177 // JVNDB: JVNDB-2021-004401

EXTERNAL IDS

db: NVD
id: CVE-2021-22711

Trust: 3.8

db: SCHNEIDER
id: SEVD-2021-068-01

Trust: 1.7

db: ZDI
id: ZDI-21-273

Trust: 1.3

db: ICS CERT
id: ICSA-21-070-01

Trust: 1.2

db: JVN
id: JVNVU92960744

Trust: 0.8

db: JVNDB
id: JVNDB-2021-004401

Trust: 0.8

db: ZDI_CAN
id: ZDI-CAN-12666

Trust: 0.7

db: CNVD
id: CNVD-2021-31177

Trust: 0.6

db: AUSCERT
id: ESB-2021.0888

Trust: 0.6

db: CNNVD
id: CNNVD-202103-807

Trust: 0.6

db: VULHUB
id: VHN-381185

Trust: 0.1

sources: ZDI: ZDI-21-273 // CNVD: CNVD-2021-31177 // VULHUB: VHN-381185 // JVNDB: JVNDB-2021-004401 // CNNVD: CNNVD-202103-807 // NVD: CVE-2021-22711

REFERENCES

url:https://download.schneider-electric.com/files?p_doc_ref=sevd-2021-068-01

Trust: 2.4

url:https://www.se.com/ww/en/download/document/sevd-2021-068-01

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2021-22711

Trust: 1.4

url:https://us-cert.cisa.gov/ics/advisories/icsa-21-070-01

Trust: 1.2

url:https://jvn.jp/vu/jvnvu92960744/

Trust: 0.8

url:https://www.zerodayinitiative.com/advisories/zdi-21-273/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0888

Trust: 0.6

sources: ZDI: ZDI-21-273 // CNVD: CNVD-2021-31177 // VULHUB: VHN-381185 // JVNDB: JVNDB-2021-004401 // CNNVD: CNNVD-202103-807 // NVD: CVE-2021-22711

CREDITS

kimiya

Trust: 0.7

sources: ZDI: ZDI-21-273

SOURCES

db: ZDI, id: ZDI-21-273
db: CNVD, id: CNVD-2021-31177
db: VULHUB, id: VHN-381185
db: JVNDB, id: JVNDB-2021-004401
db: CNNVD, id: CNNVD-202103-807
db: NVD, id: CVE-2021-22711

LAST UPDATE DATE

2024-11-23T21:34:49.851000+00:00


SOURCES UPDATE DATE

db: ZDI, id: ZDI-21-273, date: 2021-03-11T00:00:00
db: CNVD, id: CNVD-2021-31177, date: 2021-04-26T00:00:00
db: VULHUB, id: VHN-381185, date: 2021-03-17T00:00:00
db: JVNDB, id: JVNDB-2021-004401, date: 2021-11-19T07:20:00
db: CNNVD, id: CNNVD-202103-807, date: 2021-08-16T00:00:00
db: NVD, id: CVE-2021-22711, date: 2024-11-21T05:50:30.677

SOURCES RELEASE DATE

db: ZDI, id: ZDI-21-273, date: 2021-03-11T00:00:00
db: CNVD, id: CNVD-2021-31177, date: 2021-04-26T00:00:00
db: VULHUB, id: VHN-381185, date: 2021-03-11T00:00:00
db: JVNDB, id: JVNDB-2021-004401, date: 2021-11-19T00:00:00
db: CNNVD, id: CNNVD-202103-807, date: 2021-03-11T00:00:00
db: NVD, id: CVE-2021-22711, date: 2021-03-11T21:15:12.247