SB2019070307 - Multiple vulnerabilities in Schneider Electric Modicon Controllers

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2019070307

SB2019070307 - Multiple vulnerabilities in Schneider Electric Modicon Controllers

Published: July 3, 2019 Updated: October 3, 2019

Security Bulletin ID SB2019070307
CSH Severity
Medium
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Remote access
Highest impact Information disclosure

Breakdown by Severity

Medium 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 vulnerabilities.


1) Improper check for unusual or exceptional conditions (CVE-ID: CVE-2019-6819)

CWE-ID: -

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote attacker to cause a denial of service (DoS) condition.

The vulnerability exits due to the affected software does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the software. A remote attacker can send a specially crafted Modbus frame to the affected device and cause a denial of service condition.

2) Out-of-bounds read (CVE-ID: CVE-2018-7845)

CWE-ID: CWE-125 - Out-of-bounds read

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Green


The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when reading specific memory blocks in the controller over Modbus. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.


3) Uncaught Exception (CVE-ID: CVE-2019-6830)

CWE-ID: CWE-248 - Uncaught Exception

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote attacker to cause a denial of service (DoS) condition on the target system.

The vulnerability exists due to uncaught exception vulnerability when sending an appropriately timed HTTP request to the controller. A remote attacker can cause a denial of service condition.

4) Uncaught Exception (CVE-ID: CVE-2018-7852)

CWE-ID: CWE-248 - Uncaught Exception

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Green


The vulnerability allows a remote attacker to cause a denial of service (DoS) condition on the target system.

The vulnerability exists due to uncaught exception vulnerability when an invalid private command parameter is sent to the controller over Modbus. A remote attacker can cause a
denial of service condition.

Remediation

Install update from vendor's website.

References