Show vulnerabilities with patch / with exploit

Multiple vulnerabilities in Visam VBASE



Published: 2020-03-25
Severity High
Patch available NO
Number of vulnerabilities 5
CVE ID CVE-2020-7008
CVE-2020-7004
CVE-2020-10601
CVE-2020-7000
CVE-2020-10599
CWE ID CWE-22
CWE-264
CWE-326
CWE-200
CWE-121
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
VBASE Editor
Server applications / SCADA systems

VBASE Web-Remote Module
Web applications / Other software

Vendor Visam

Security Advisory

1) Path traversal

Severity: Medium

CVSSv3: 6.9 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C] [PCI]

CVE-ID: CVE-2020-7008

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker can send a specially crafted HTTP request and read arbitrary files on the system from local resources.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

VBASE Editor: 11.5.0.2

VBASE Web-Remote Module: -

CPE External links

https://ics-cert.us-cert.gov/advisories/icsa-20-084-01

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Permissions, Privileges, and Access Controls

Severity: Low

CVSSv3: 7.5 [CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: CVE-2020-7004

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to weak or insecure permissions. A local user can trick a victim to run a specially crafted application and gain elevated privileges on the target system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

VBASE Editor: 11.5.0.2

VBASE Web-Remote Module: -

CPE External links

https://ics-cert.us-cert.gov/advisories/icsa-20-084-01

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Inadequate Encryption Strength

Severity: Low

CVSSv3: 6.5 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:U/RC:C] [PCI]

CVE-ID: CVE-2020-10601

CWE-ID: CWE-326 - Inadequate Encryption Strength

Exploit availability: No

Description

The vulnerability allows a local user to bypass the password-protected mechanism.

The vulnerability exists due to weak hashing algorithm and insecure permissions . A local user can perform a brute-force attack, use cracking techniques or overwrite the password hash and bypass the password-protected mechanism.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

VBASE Editor: 11.5.0.2

VBASE Web-Remote Module: -

CPE External links

https://ics-cert.us-cert.gov/advisories/icsa-20-084-01

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Information disclosure

Severity: Medium

CVSSv3: 6.9 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C] [PCI]

CVE-ID: CVE-2020-7000

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to insecure storage of sensitive information. A remote attacker can discover the cryptographic key from the web server and gain information about the login and the encryption/decryption mechanism, which may be exploited to bypass authentication of the HTML5 HMI web interface.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

VBASE Editor: 11.5.0.2

VBASE Web-Remote Module: -

CPE External links

https://ics-cert.us-cert.gov/advisories/icsa-20-084-01

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Stack-based buffer overflow

Severity: High

CVSSv3: 8.2 [CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: CVE-2020-10599

CWE-ID: CWE-121 - Stack-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in ActiveX component. A remote unauthenticated attacker can trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

VBASE Editor: 11.5.0.2

VBASE Web-Remote Module: -

CPE External links

https://ics-cert.us-cert.gov/advisories/icsa-20-084-01

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



ImmuniWeb® AI Platform for Application Security Testing