var-201803-1846
Vulnerability from variot
A DLL hijacking vulnerability exists in Schneider Electric's SoMove Software and associated DTM software components in all versions prior to 2.6.2 which could allow an attacker to execute arbitrary code. Schneider Electric SoMove Software and DTM A software component contains an unreliable search path vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SoMove software is a practical setup and FM software for users of Schneider inverters. The Altivar Dtm Library is a free library that supports a wide range of DTM devices. Multiple Schneider Electric Products are prone to local arbitrary code-execution vulnerability because it fails to sanitize user-supplied input. A remote attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial of service condition. The following products are affected: SoMove software versions prior to 2.6.2 ATV320 DTM versions prior to 1.1.6 ATV340 DTM versions prior to 1.2.3 ATV6xx DTM versions prior to 1.8.0 ATV9xx DTM versions prior to 1.3.5 AltivarDtmLibrary versions prior to 12.7.0. are all products of French Schneider Electric (Schneider Electric). ATV320 DTM is a device type manager
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201803-1846",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "atv340 dtm",
"scope": "lt",
"trust": 1.0,
"vendor": "schneider electric",
"version": "1.2.3"
},
{
"model": "atv312 dtm",
"scope": "lt",
"trust": 1.0,
"vendor": "schneider electric",
"version": "12.7.0"
},
{
"model": "atv32 dtm",
"scope": "lt",
"trust": 1.0,
"vendor": "schneider electric",
"version": "12.7.0"
},
{
"model": "atv71 dtm",
"scope": "lt",
"trust": 1.0,
"vendor": "schneider electric",
"version": "12.7.0"
},
{
"model": "atv900 dtm",
"scope": "lt",
"trust": 1.0,
"vendor": "schneider electric",
"version": "1.3.5"
},
{
"model": "atv600 dtm",
"scope": "lt",
"trust": 1.0,
"vendor": "schneider electric",
"version": "1.8.0"
},
{
"model": "somove",
"scope": "lt",
"trust": 1.0,
"vendor": "schneider electric",
"version": "2.6.2"
},
{
"model": "atv12 dtm",
"scope": "lt",
"trust": 1.0,
"vendor": "schneider electric",
"version": "12.7.0"
},
{
"model": "atv31 dtm",
"scope": "lt",
"trust": 1.0,
"vendor": "schneider electric",
"version": "12.7.0"
},
{
"model": "atv212 dtm",
"scope": "lt",
"trust": 1.0,
"vendor": "schneider electric",
"version": "12.7.0"
},
{
"model": "atv320 dtm",
"scope": "lt",
"trust": 1.0,
"vendor": "schneider electric",
"version": "1.1.6"
},
{
"model": "atv lift dtm",
"scope": "lt",
"trust": 1.0,
"vendor": "schneider electric",
"version": "12.7.0"
},
{
"model": "atv61 dtm",
"scope": "lt",
"trust": 1.0,
"vendor": "schneider electric",
"version": "12.7.0"
},
{
"model": "atv lift dtm",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "atv12 dtm",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "atv212 dtm",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "atv31 dtm",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "atv312 dtm",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "atv32 dtm",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "atv320 dtm",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "atv340 dtm",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "atv61 dtm",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "atv6xx dtm",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "atv71 dtm",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "atv9xx dtm",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "somove",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "electric altivar dtm library",
"scope": "lt",
"trust": 0.6,
"vendor": "schneider",
"version": "12.7.0"
},
{
"model": "electric somove software",
"scope": "lt",
"trust": 0.6,
"vendor": "schneider",
"version": "2.6.2"
},
{
"model": "somove",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider electric",
"version": "1.7"
},
{
"model": "somove software",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "0"
},
{
"model": "atv9xx dtm",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "0"
},
{
"model": "atv71 dtm",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "0"
},
{
"model": "atv6xx dtm",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "0"
},
{
"model": "atv61 dtm",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "0"
},
{
"model": "atv340 dtm",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "0"
},
{
"model": "atv320 dtm",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "0"
},
{
"model": "atv32 dtm",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "0"
},
{
"model": "atv31/312 dtm",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "0"
},
{
"model": "atv212 dtm",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "0"
},
{
"model": "atv12 dtm",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "0"
},
{
"model": "atv lift dtm",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "0"
},
{
"model": "altivardtmlibrary",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "0"
},
{
"model": "somove software",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "2.6.2"
},
{
"model": "atv9xx dtm",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "1.3.5"
},
{
"model": "atv6xx dtm",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "1.8"
},
{
"model": "atv340 dtm",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "1.2.3"
},
{
"model": "atv320 dtm",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "1.1.6"
},
{
"model": "altivardtmlibrary",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "12.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "atv12 dtm",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "atv212 dtm",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "atv312 dtm",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "atv31 dtm",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "atv320 dtm",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "atv32 dtm",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "atv340 dtm",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "atv600 dtm",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "atv61 dtm",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "atv71 dtm",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "atv900 dtm",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "atv lift dtm",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "somove",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2e4d830-39ab-11e9-9905-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-04780"
},
{
"db": "BID",
"id": "103338"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002540"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-274"
},
{
"db": "NVD",
"id": "CVE-2018-7239"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:schneider_electric:atv_lift_dtm",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:schneider_electric:atv12_dtm",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:schneider_electric:atv212_dtm",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:schneider_electric:atv31_dtm",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:schneider_electric:atv312_dtm",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:schneider_electric:atv32_dtm",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:schneider_electric:atv320_dtm",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:schneider_electric:atv340_dtm",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:schneider_electric:atv61_dtm",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:schneider_electric:atv600_dtm",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:schneider_electric:atv71_dtm",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:schneider_electric:atv900_dtm",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:schneider_electric:somove",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-002540"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ADLab of Venustech",
"sources": [
{
"db": "BID",
"id": "103338"
}
],
"trust": 0.3
},
"cve": "CVE-2018-7239",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2018-7239",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2018-04780",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "e2e4d830-39ab-11e9-9905-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-137271",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2018-7239",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-7239",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-7239",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2018-04780",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201803-274",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "e2e4d830-39ab-11e9-9905-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-137271",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2e4d830-39ab-11e9-9905-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-04780"
},
{
"db": "VULHUB",
"id": "VHN-137271"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002540"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-274"
},
{
"db": "NVD",
"id": "CVE-2018-7239"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A DLL hijacking vulnerability exists in Schneider Electric\u0027s SoMove Software and associated DTM software components in all versions prior to 2.6.2 which could allow an attacker to execute arbitrary code. Schneider Electric SoMove Software and DTM A software component contains an unreliable search path vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SoMove software is a practical setup and FM software for users of Schneider inverters. The Altivar Dtm Library is a free library that supports a wide range of DTM devices. Multiple Schneider Electric Products are prone to local arbitrary code-execution vulnerability because it fails to sanitize user-supplied input. \nA remote attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial of service condition. \nThe following products are affected:\nSoMove software versions prior to 2.6.2\nATV320 DTM versions prior to 1.1.6\nATV340 DTM versions prior to 1.2.3\nATV6xx DTM versions prior to 1.8.0\nATV9xx DTM versions prior to 1.3.5\nAltivarDtmLibrary versions prior to 12.7.0. are all products of French Schneider Electric (Schneider Electric). ATV320 DTM is a device type manager",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7239"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002540"
},
{
"db": "CNVD",
"id": "CNVD-2018-04780"
},
{
"db": "BID",
"id": "103338"
},
{
"db": "IVD",
"id": "e2e4d830-39ab-11e9-9905-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-137271"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-7239",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-18-065-02",
"trust": 2.8
},
{
"db": "BID",
"id": "103338",
"trust": 2.0
},
{
"db": "SCHNEIDER",
"id": "SEVD-2018-060-01",
"trust": 1.7
},
{
"db": "CNVD",
"id": "CNVD-2018-04780",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201803-274",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002540",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "39055",
"trust": 0.6
},
{
"db": "IVD",
"id": "E2E4D830-39AB-11E9-9905-000C29342CB1",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-99001",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-137271",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2e4d830-39ab-11e9-9905-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-04780"
},
{
"db": "VULHUB",
"id": "VHN-137271"
},
{
"db": "BID",
"id": "103338"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002540"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-274"
},
{
"db": "NVD",
"id": "CVE-2018-7239"
}
]
},
"id": "VAR-201803-1846",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2e4d830-39ab-11e9-9905-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-04780"
},
{
"db": "VULHUB",
"id": "VHN-137271"
}
],
"trust": 1.8166666666666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2e4d830-39ab-11e9-9905-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-04780"
}
]
},
"last_update_date": "2024-11-23T23:05:09.486000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SEVD-2018-060-01",
"trust": 0.8,
"url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Id=9561606015\u0026p_File_Name=SEVD-2018-060-01+SoMove.pdf\u0026p_Reference=SEVD-2018-060-01"
},
{
"title": "Schneider Electric SoMove software and DTM software DLL hijacking vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/120837"
},
{
"title": "Multiple Schneider Electric Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79002"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04780"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002540"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-274"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-426",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137271"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002540"
},
{
"db": "NVD",
"id": "CVE-2018-7239"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-065-02"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/103338"
},
{
"trust": 1.7,
"url": "https://www.schneider-electric.com/en/download/document/sevd-2018-060-01/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7239"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-7239"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/39055"
},
{
"trust": 0.3,
"url": "http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04780"
},
{
"db": "VULHUB",
"id": "VHN-137271"
},
{
"db": "BID",
"id": "103338"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002540"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-274"
},
{
"db": "NVD",
"id": "CVE-2018-7239"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2e4d830-39ab-11e9-9905-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-04780"
},
{
"db": "VULHUB",
"id": "VHN-137271"
},
{
"db": "BID",
"id": "103338"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002540"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-274"
},
{
"db": "NVD",
"id": "CVE-2018-7239"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-09T00:00:00",
"db": "IVD",
"id": "e2e4d830-39ab-11e9-9905-000c29342cb1"
},
{
"date": "2018-03-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-04780"
},
{
"date": "2018-03-09T00:00:00",
"db": "VULHUB",
"id": "VHN-137271"
},
{
"date": "2018-03-06T00:00:00",
"db": "BID",
"id": "103338"
},
{
"date": "2018-04-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-002540"
},
{
"date": "2018-03-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-274"
},
{
"date": "2018-03-09T23:29:00.967000",
"db": "NVD",
"id": "CVE-2018-7239"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-04780"
},
{
"date": "2018-03-26T00:00:00",
"db": "VULHUB",
"id": "VHN-137271"
},
{
"date": "2018-03-06T00:00:00",
"db": "BID",
"id": "103338"
},
{
"date": "2018-04-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-002540"
},
{
"date": "2018-03-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-274"
},
{
"date": "2024-11-21T04:11:51.273000",
"db": "NVD",
"id": "CVE-2018-7239"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-274"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric SoMove software and DTM software DLL Hijacking vulnerability",
"sources": [
{
"db": "IVD",
"id": "e2e4d830-39ab-11e9-9905-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-04780"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-274"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.