#VU25342 Improper Check for Unusual or Exceptional Conditions
Vulnerability identifier: #VU25342
Vulnerability risk: Medium
CVSSv3.1: 6.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H/E:U/RL:U/RC:C]
CVE-ID:
CWE-ID:
CWE-754
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Magelis HMIGTO
Hardware solutions /
Other hardware appliances
Magelis HMISTO
Hardware solutions /
Other hardware appliances
Magelis XBTGH
Hardware solutions /
Other hardware appliances
Magelis HMIGTU
Hardware solutions /
Other hardware appliances
Magelis HMIGTUX
Hardware solutions /
Other hardware appliances
Magelis HMISCU
Hardware solutions /
Other hardware appliances
Magelis HMISTU
Hardware solutions /
Other hardware appliances
Magelis XBTGT
Hardware solutions /
Other hardware appliances
Magelis XBTGC
Hardware solutions /
Other hardware appliances
Magelis HMIGXO
Hardware solutions /
Other hardware appliances
Magelis HMIGXU
Hardware solutions /
Other hardware appliances
Vendor: Schneider Electric
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to the HMI may temporarily freeze when the device receives a high rate of frames. When the attack stops, the buffered commands are processed by the HMI. A remote attacker can cause a denial of service condition on the target system.
Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versions
Magelis HMIGTO: All versions
Magelis HMISTO: All versions
Magelis XBTGH: All versions
Magelis HMIGTU: All versions
Magelis HMIGTUX: All versions
Magelis HMISCU: All versions
Magelis HMISTU: All versions
Magelis XBTGT: All versions
Magelis XBTGC: All versions
Magelis HMIGXO: All versions
Magelis HMIGXU: All versions
CPE
- cpe:2.3:h:schneider_electric:magelis_hmigto:*:*:*:*:*:*:*:*
- cpe:2.3:h:schneider_electric:magelis_hmisto:*:*:*:*:*:*:*:*
- cpe:2.3:h:schneider_electric:magelis_xbtgh:*:*:*:*:*:*:*:*
- cpe:2.3:h:schneider_electric:magelis_hmigtu:*:*:*:*:*:*:*:*
- cpe:2.3:h:schneider_electric:magelis_hmigtux:*:*:*:*:*:*:*:*
- cpe:2.3:h:schneider_electric:magelis_hmiscu:*:*:*:*:*:*:*:*
- cpe:2.3:h:schneider_electric:magelis_hmistu:*:*:*:*:*:*:*:*
- cpe:2.3:h:schneider_electric:magelis_xbtgt:*:*:*:*:*:*:*:*
- cpe:2.3:h:schneider_electric:magelis_xbtgc:*:*:*:*:*:*:*:*
- cpe:2.3:h:schneider_electric:magelis_hmigxo:*:*:*:*:*:*:*:*
- cpe:2.3:h:schneider_electric:magelis_hmigxu:*:*:*:*:*:*:*:*
External links
http://security.cse.iitk.ac.in/responsible-disclosure
http://www.schneider-electric.com/ww/en/download/document/SEVD-2019-225-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
