ABB FOX515T Improper Input Validation (CVE-2017-14025)

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(500323);
  script_version("1.9");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/09/04");

  script_cve_id("CVE-2017-14025");
  script_xref(name:"ICSA", value:"17-304-01");

  script_name(english:"ABB FOX515T Improper Input Validation (CVE-2017-14025)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"An Improper Input Validation issue was discovered in ABB FOX515T release 1.0. An improper input validation vulnerability
has been identified, allowing a local attacker to provide a malicious parameter to the script that is not validated by
the application, This could enable the attacker to retrieve any file on the server.  

This plugin only works with
Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.");
  script_set_attribute(attribute:"see_also", value:"https://ics-cert.us-cert.gov/advisories/ICSA-17-304-01");
  script_set_attribute(attribute:"see_also", value:"http://www.securityfocus.com/bid/101662");
  script_set_attribute(attribute:"solution", value:
"The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original
can be found at CISA.gov.

ABB reports that the product has been phased out and has reached obsolete status. No further maintenance is planned for
the product.

Please see the ABB Cyber Security Advisory 1KHW028693 on the ABB Alerts and Notification page at the following location:

http://new.abb.com/about/technology/cyber-security/alerts-and-notifications");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-14025");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(20);

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/11/06");
  script_set_attribute(attribute:"patch_publication_date", value:"2017/11/06");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/02/07");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:abb:fox515t_firmware:1.0");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/ABB");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/ABB');

var asset = tenable_ot::assets::get(vendor:'ABB');

var vuln_cpes = {
    "cpe:/o:abb:fox515t_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "AbbFox"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_NOTE);