ID

VAR-202202-0248


CVE

CVE-2022-24313


TITLE

Classic buffer overflow vulnerability in Interactive Graphical SCADA System Data Server

Trust: 0.8

sources: JVNDB: JVNDB-2022-005362

DESCRIPTION

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution, when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior). The product may be put into a denial-of-service (DoS) state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IGSSDataServer process, which listens on TCP port 12401 by default. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the IGSSDataServer process. Schneider Electric Interactive Graphical SCADA System (IGSS) is a SCADA (Supervisory Control and Data Acquisition) system from Schneider Electric of France, used to monitor and control industrial processes. The vulnerability stems from a network system or product not properly verifying data boundaries when performing operations on memory, which results in incorrect read and write operations to other associated memory locations.

Trust: 2.79

sources: NVD: CVE-2022-24313 // JVNDB: JVNDB-2022-005362 // ZDI: ZDI-22-325 // CNVD: CNVD-2022-13069

IOT TAXONOMY

category: ['ICS'] | sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2022-13069

AFFECTED PRODUCTS

vendor: schneider electric | model: interactive graphical scada system data server | scope: lte | version: 15.0.0.22020

Trust: 1.0

vendor: schneider electric | model: igss data server | scope: eq | version: -

Trust: 0.8

vendor: schneider electric | model: igss data server | scope: lte | version: 15.0.0.22020 and earlier

Trust: 0.8

vendor: schneider electric | model: igss | scope: - | version: -

Trust: 0.7

vendor: schneider | model: electric interactive graphical scada system | scope: lte | version: <=15.0.0.22020

Trust: 0.6

sources: ZDI: ZDI-22-325 // CNVD: CNVD-2022-13069 // JVNDB: JVNDB-2022-005362 // NVD: CVE-2022-24313

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-24313
value: CRITICAL

Trust: 1.0

NVD: CVE-2022-24313
value: CRITICAL

Trust: 0.8

ZDI: CVE-2022-24313
value: CRITICAL

Trust: 0.7

CNVD: CNVD-2022-13069
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202202-912
value: CRITICAL

Trust: 0.6

nvd@nist.gov: CVE-2022-24313
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2022-13069
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2022-24313
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2022-24313
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2022-24313
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-22-325 // CNVD: CNVD-2022-13069 // JVNDB: JVNDB-2022-005362 // CNNVD: CNNVD-202202-912 // NVD: CVE-2022-24313

PROBLEMTYPE DATA

problemtype:CWE-120

Trust: 1.0

problemtype:Classic buffer overflow (CWE-120) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-005362 // NVD: CVE-2022-24313

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202202-912

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202202-912

PATCH

title: SEVD-2022-039-01 | url: https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01

Trust: 0.8

title: - | url: https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01 https://www.cisa.gov/uscert/ics/advisories/icsa-22-046-01

Trust: 0.7

title: Patch for Schneider Electric Interactive Graphical SCADA System Buffer Overflow Vulnerability (CNVD-2022-13069) | url: https://www.cnvd.org.cn/patchInfo/show/321181

Trust: 0.6

title: Schneider Electric Interactive Graphical SCADA System Security vulnerabilities | url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=182722

Trust: 0.6

sources: ZDI: ZDI-22-325 // CNVD: CNVD-2022-13069 // JVNDB: JVNDB-2022-005362 // CNNVD: CNNVD-202202-912

EXTERNAL IDS

db: NVD | id: CVE-2022-24313

Trust: 4.5

db: ZDI | id: ZDI-22-325

Trust: 3.1

db: SCHNEIDER | id: SEVD-2022-039-01

Trust: 2.2

db: ICS CERT | id: ICSA-22-046-01

Trust: 1.4

db: JVN | id: JVNVU96061299

Trust: 0.8

db: JVNDB | id: JVNDB-2022-005362

Trust: 0.8

db: ZDI_CAN | id: ZDI-CAN-15198

Trust: 0.7

db: CNVD | id: CNVD-2022-13069

Trust: 0.6

db: AUSCERT | id: ESB-2022.0676

Trust: 0.6

db: CS-HELP | id: SB2022021405

Trust: 0.6

db: CNNVD | id: CNNVD-202202-912

Trust: 0.6

sources: ZDI: ZDI-22-325 // CNVD: CNVD-2022-13069 // JVNDB: JVNDB-2022-005362 // CNNVD: CNNVD-202202-912 // NVD: CVE-2022-24313

REFERENCES

url:https://www.zerodayinitiative.com/advisories/zdi-22-325/

Trust: 3.0

url:https://download.schneider-electric.com/files?p_doc_ref=sevd-2022-039-01

Trust: 2.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-24313

Trust: 1.4

url:https://jvn.jp/vu/jvnvu96061299/

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-22-046-01

Trust: 0.8

url:https://download.schneider-electric.com/files?p_doc_ref=sevd-2022-039-01 https://www.cisa.gov/uscert/ics/advisories/icsa-22-046-01

Trust: 0.7

url:https://www.cybersecurity-help.cz/vdb/sb2022021405

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-22-046-01

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.0676

Trust: 0.6

sources: ZDI: ZDI-22-325 // CNVD: CNVD-2022-13069 // JVNDB: JVNDB-2022-005362 // CNNVD: CNNVD-202202-912 // NVD: CVE-2022-24313

CREDITS

Vyacheslav Moskvin

Trust: 1.3

sources: ZDI: ZDI-22-325 // CNNVD: CNNVD-202202-912

SOURCES

db: ZDI | id: ZDI-22-325
db: CNVD | id: CNVD-2022-13069
db: JVNDB | id: JVNDB-2022-005362
db: CNNVD | id: CNNVD-202202-912
db: NVD | id: CVE-2022-24313

LAST UPDATE DATE

2024-11-23T21:50:42.682000+00:00


SOURCES UPDATE DATE

db: ZDI | id: ZDI-22-325 | date: 2023-09-20T00:00:00
db: CNVD | id: CNVD-2022-13069 | date: 2022-06-13T00:00:00
db: JVNDB | id: JVNDB-2022-005362 | date: 2023-05-30T01:35:00
db: CNNVD | id: CNNVD-202202-912 | date: 2022-03-10T00:00:00
db: NVD | id: CVE-2022-24313 | date: 2024-11-21T06:50:09.113

SOURCES RELEASE DATE

db: ZDI | id: ZDI-22-325 | date: 2022-02-11T00:00:00
db: CNVD | id: CNVD-2022-13069 | date: 2022-02-22T00:00:00
db: JVNDB | id: JVNDB-2022-005362 | date: 2023-05-30T00:00:00
db: CNNVD | id: CNNVD-202202-912 | date: 2022-02-09T00:00:00
db: NVD | id: CVE-2022-24313 | date: 2022-02-09T23:15:19.793