Action not permitted
Modal body text goes here.
Modal Title
Modal Body
tid-401
Vulnerability from emb3d
Type
Description
Some devices may support proprietary protocols, or may add proprietary functionality to open protocols. Many of the custom functions or commands may not be sufficiently documented. If users aren’t aware of these functions/commands, they cannot be expected to properly configure the device to remove unwanted functionality. Further, they are limited in their ability to monitor the device for any potential malicious use of these functions/commands to exploit devices.
CWE
- CWE-1371: ICS Supply Chain: Poorly Documented or Undocumented Features
- CWE-912: Hidden Functionality (Class)
- CWE-1059: Insufficient Technical Documentation
CVE-2021-22779 (GCVE-0-2021-22779)
Vulnerability from cvelistv5
Published
2021-07-14 14:26
Modified
2024-08-03 18:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-290 - Authentication Bypass by Spoofing
Summary
Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), SCADAPack RemoteConnect for x70 (all versions), Modicon M580 CPU (all versions - part numbers BMEP* and BMEH*), Modicon M340 CPU (all versions - part numbers BMXP34*), that could cause unauthorized access in read and write mode to the controller by spoofing the Modbus communication between the engineering software and the controller.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), SCADAPack RemoteConnect for x70 (all versions), Modicon M580 CPU (all versions - part numbers BMEP* and BMEH*), Modicon M340 CPU (all versions - part numbers BMXP34*) |
Version: EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), SCADAPack RemoteConnect for x70 (all versions), Modicon M580 CPU (all versions - part numbers BMEP* and BMEH*), Modicon M340 CPU (all versions - part numbers BMXP34*) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:51:07.432Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), SCADAPack RemoteConnect for x70 (all versions), Modicon M580 CPU (all versions - part numbers BMEP* and BMEH*), Modicon M340 CPU (all versions - part numbers BMXP34*)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), SCADAPack RemoteConnect for x70 (all versions), Modicon M580 CPU (all versions - part numbers BMEP* and BMEH*), Modicon M340 CPU (all versions - part numbers BMXP34*)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), SCADAPack RemoteConnect for x70 (all versions), Modicon M580 CPU (all versions - part numbers BMEP* and BMEH*), Modicon M340 CPU (all versions - part numbers BMXP34*), that could cause unauthorized access in read and write mode to the controller by spoofing the Modbus communication between the engineering software and the controller."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-290",
"description": "CWE-290: Authentication Bypass by Spoofing",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-14T14:26:41",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2021-22779",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), SCADAPack RemoteConnect for x70 (all versions), Modicon M580 CPU (all versions - part numbers BMEP* and BMEH*), Modicon M340 CPU (all versions - part numbers BMXP34*)",
"version": {
"version_data": [
{
"version_value": "EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), SCADAPack RemoteConnect for x70 (all versions), Modicon M580 CPU (all versions - part numbers BMEP* and BMEH*), Modicon M340 CPU (all versions - part numbers BMXP34*)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), SCADAPack RemoteConnect for x70 (all versions), Modicon M580 CPU (all versions - part numbers BMEP* and BMEH*), Modicon M340 CPU (all versions - part numbers BMXP34*), that could cause unauthorized access in read and write mode to the controller by spoofing the Modbus communication between the engineering software and the controller."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-290: Authentication Bypass by Spoofing"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-01",
"refsource": "MISC",
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2021-22779",
"datePublished": "2021-07-14T14:26:41",
"dateReserved": "2021-01-06T00:00:00",
"dateUpdated": "2024-08-03T18:51:07.432Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2802 (GCVE-0-2013-2802)
Vulnerability from cvelistv5
Published
2013-08-21 21:00
Modified
2024-09-16 23:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The universal protocol implementation in Sixnet UDR before 2.0 and RTU firmware before 4.8 allows remote attackers to execute arbitrary code; read, modify, or create files; or obtain file metadata via function opcodes.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:52:20.893Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-231-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The universal protocol implementation in Sixnet UDR before 2.0 and RTU firmware before 4.8 allows remote attackers to execute arbitrary code; read, modify, or create files; or obtain file metadata via function opcodes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-08-21T21:00:00Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-231-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2013-2802",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The universal protocol implementation in Sixnet UDR before 2.0 and RTU firmware before 4.8 allows remote attackers to execute arbitrary code; read, modify, or create files; or obtain file metadata via function opcodes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://ics-cert.us-cert.gov/advisories/ICSA-13-231-01",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-231-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2013-2802",
"datePublished": "2013-08-21T21:00:00Z",
"dateReserved": "2013-04-11T00:00:00Z",
"dateUpdated": "2024-09-16T23:45:42.713Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…