var-201903-0646
Vulnerability from variot
A successful exploit of these vulnerabilities requires the local user to load a crafted DLL file in the system directory on servers running Schneider Electric OFS v3.5 with version v7.40 of SCADA Expert Vijeo Citect/CitectSCADA, OFS v3.5 with version v7.30 of Vijeo Citect/CitectSCADA, and OFS v3.5 with version v7.20 of Vijeo Citect/CitectSCADA.. If the application attempts to open that file, the application could crash or allow the attacker to execute arbitrary code. Schneider Electric recommends vulnerable users upgrade the OFS to V3.5 and install the latest service pack (SP 6 or newer) for their associated version. Schneider Electric OFS Contains a vulnerability related to uncontrolled search path elements.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Schneider Electric OPC Factory Server (OFS) is a data communication editing software. The software supports important information access, open page design, transparent architecture and interoperability, etc., to enable users to obtain good processes and communication effects.
Schneider Electric OFS has security vulnerabilities in loading DLLs, allowing remote attackers to use the vulnerabilities to submit special files and load them to execute arbitrary code
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201903-0646",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "opc factory server",
"scope": "eq",
"trust": 2.1,
"vendor": "schneider electric",
"version": "3.5"
},
{
"model": "electric opc factory server sp6",
"scope": "lt",
"trust": 0.6,
"vendor": "schneider",
"version": "3.5"
},
{
"model": "opc factory server",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "3.4"
},
{
"model": "opc factory server sp6",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "3.5"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03451"
},
{
"db": "BID",
"id": "74772"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008253"
},
{
"db": "NVD",
"id": "CVE-2015-1014"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:schneider_electric:opc_factory_server",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-008253"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ivan Sanchez from Nullcode Team",
"sources": [
{
"db": "BID",
"id": "74772"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-506"
}
],
"trust": 0.9
},
"cve": "CVE-2015-1014",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "CVE-2015-1014",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2015-03451",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "VHN-78974",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.3,
"id": "CVE-2015-1014",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-1014",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-1014",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2015-03451",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-506",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-78974",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03451"
},
{
"db": "VULHUB",
"id": "VHN-78974"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008253"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-506"
},
{
"db": "NVD",
"id": "CVE-2015-1014"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A successful exploit of these vulnerabilities requires the local user to load a crafted DLL file in the system directory on servers running Schneider Electric OFS v3.5 with version v7.40 of SCADA Expert Vijeo Citect/CitectSCADA, OFS v3.5 with version v7.30 of Vijeo Citect/CitectSCADA, and OFS v3.5 with version v7.20 of Vijeo Citect/CitectSCADA.. If the application attempts to open that file, the application could crash or allow the attacker to execute arbitrary code. Schneider Electric recommends vulnerable users upgrade the OFS to V3.5 and install the latest service pack (SP 6 or newer) for their associated version. Schneider Electric OFS Contains a vulnerability related to uncontrolled search path elements.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Schneider Electric OPC Factory Server (OFS) is a data communication editing software. The software supports important information access, open page design, transparent architecture and interoperability, etc., to enable users to obtain good processes and communication effects. \n\nSchneider Electric OFS has security vulnerabilities in loading DLLs, allowing remote attackers to use the vulnerabilities to submit special files and load them to execute arbitrary code",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-1014"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008253"
},
{
"db": "CNVD",
"id": "CNVD-2015-03451"
},
{
"db": "BID",
"id": "74772"
},
{
"db": "VULHUB",
"id": "VHN-78974"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-1014",
"trust": 3.4
},
{
"db": "ICS CERT",
"id": "ICSA-15-141-01",
"trust": 2.8
},
{
"db": "BID",
"id": "74772",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008253",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201505-506",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-03451",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-78974",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03451"
},
{
"db": "VULHUB",
"id": "VHN-78974"
},
{
"db": "BID",
"id": "74772"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008253"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-506"
},
{
"db": "NVD",
"id": "CVE-2015-1014"
}
]
},
"id": "VAR-201903-0646",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03451"
},
{
"db": "VULHUB",
"id": "VHN-78974"
}
],
"trust": 1.49166665
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03451"
}
]
},
"last_update_date": "2024-11-23T22:21:45.328000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.schneider-electric.us/en/"
},
{
"title": "Patch for Schneider Electric OPC Factory Server DLL Load Arbitrary Code Execution Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/59058"
},
{
"title": "Schneider Electric OPC Factory Server Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=90843"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03451"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008253"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-506"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-427",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-78974"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008253"
},
{
"db": "NVD",
"id": "CVE-2015-1014"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-141-01"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-1014"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1014"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/74772"
},
{
"trust": 0.3,
"url": "http://www.schneider-electric.com/products/ww/en/2400-industrial-communication/2450-software-for-networks/547-opc-factory-server/"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-141-01#footnoteb_0dado2g"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03451"
},
{
"db": "VULHUB",
"id": "VHN-78974"
},
{
"db": "BID",
"id": "74772"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008253"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-506"
},
{
"db": "NVD",
"id": "CVE-2015-1014"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-03451"
},
{
"db": "VULHUB",
"id": "VHN-78974"
},
{
"db": "BID",
"id": "74772"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008253"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-506"
},
{
"db": "NVD",
"id": "CVE-2015-1014"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-03451"
},
{
"date": "2019-03-25T00:00:00",
"db": "VULHUB",
"id": "VHN-78974"
},
{
"date": "2015-05-21T00:00:00",
"db": "BID",
"id": "74772"
},
{
"date": "2019-05-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-008253"
},
{
"date": "2015-05-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-506"
},
{
"date": "2019-03-25T19:29:00.337000",
"db": "NVD",
"id": "CVE-2015-1014"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-03451"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-78974"
},
{
"date": "2015-05-21T00:00:00",
"db": "BID",
"id": "74772"
},
{
"date": "2019-05-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-008253"
},
{
"date": "2019-10-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-506"
},
{
"date": "2024-11-21T02:24:29.743000",
"db": "NVD",
"id": "CVE-2015-1014"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "74772"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-506"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric OFS Vulnerabilities in uncontrolled search path elements",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-008253"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-506"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.