Lucene search

K
nessusThis script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_SCHNEIDER_CVE-2014-0754.NASL
HistoryFeb 07, 2022 - 12:00 a.m.

Schneider Electric Modicon Path Traversal (CVE-2014-0754)

2022-02-0700:00:00
This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
9

6.9 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.006 Low

EPSS

Percentile

79.3%

Directory traversal vulnerability in SchneiderWEB on Schneider Electric Modicon PLC Ethernet modules 140CPU65x Exec before 5.5, 140NOC78x Exec before 1.62, 140NOE77x Exec before 6.2, BMXNOC0401 before 2.05, BMXNOE0100 before 2.9, BMXNOE0110x Exec before 6.0, TSXETC101 Exec before 2.04, TSXETY4103x Exec before 5.7, TSXETY5103x Exec before 5.9, TSXP57x ETYPort Exec before 5.7, and TSXP57x Ethernet Copro Exec before 5.5 allows remote attackers to visit arbitrary resources via a crafted HTTP request.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable, Inc.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(500039);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/12/26");

  script_cve_id("CVE-2014-0754");

  script_name(english:"Schneider Electric Modicon Path Traversal (CVE-2014-0754)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"Directory traversal vulnerability in SchneiderWEB on Schneider
Electric Modicon PLC Ethernet modules 140CPU65x Exec before 5.5,
140NOC78x Exec before 1.62, 140NOE77x Exec before 6.2, BMXNOC0401
before 2.05, BMXNOE0100 before 2.9, BMXNOE0110x Exec before 6.0,
TSXETC101 Exec before 2.04, TSXETY4103x Exec before 5.7, TSXETY5103x
Exec before 5.9, TSXP57x ETYPort Exec before 5.7, and TSXP57x Ethernet
Copro Exec before 5.5 allows remote attackers to visit arbitrary
resources via a crafted HTTP request.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  # http://download.schneider-electric.com/files?p_Reference=SEVD-2014-260-01&p_EnDocType=Software%20-%20Updates&p_File_Id=608959359&p_File_Name=SEVD-2014-260-01.pdf
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?1c49275b");
  script_set_attribute(attribute:"see_also", value:"https://ics-cert.us-cert.gov/advisories/ICSA-14-273-01");
  script_set_attribute(attribute:"see_also", value:"http://www.securityfocus.com/bid/70193");
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-0754");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(22);

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/10/03");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/10/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/02/07");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:171ccc96020_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:171ccc96020c_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:171ccc96030_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:171ccc96030c_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:171ccc98020_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:171ccc98030_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:modicon_m340_bmxnoc0401_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:modicon_m340_bmxnoe0100_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:modicon_m340_bmxnoe0110_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:modicon_m340_bmxnoe0110h_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:modicon_m340_bmxnor0200h_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:modicon_m340_bmxp342020_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:modicon_m340_bmxp342020h_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:modicon_m340_bmxp3420302_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:modicon_m340_bmxp3420302h_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:modicon_m340_bmxp342030_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:modicon_m340_bmxp342030h_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:modicon_m580_bmxnoc0402_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:tsxetc0101_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:tsxetc100_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:tsxety110ws_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:tsxety110wsc_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:tsxety4103_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:tsxety4103c_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:tsxety5103_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:tsxety5103c_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:tsxp571634m_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:tsxp572634m_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:tsxp573623mc_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:tsxp573634m_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:tsxp574634m_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:tsxp574823am_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:tsxp574823m_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:tsxp574823mc_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:tsxp575634m_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:tsxp576634m_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:tsxwmy100_firmware:-");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:tsxwmy100c_firmware:-");
  script_set_attribute(attribute:"generated_plugin", value:"former");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Schneider");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Schneider');

var asset = tenable_ot::assets::get(vendor:'Schneider');

var vuln_cpes = {
    "cpe:/o:schneider-electric:tsxetc0101_firmware:-" :
        {"versionEndExcluding" : "2.04", "family" : "PremiumCP"},
    "cpe:/o:schneider-electric:tsxetc100_firmware:-" :
        {"family" : "PremiumCP"},
    "cpe:/o:schneider-electric:tsxp573623mc_firmware:-" :
        {"family" : "Premium"},
    "cpe:/o:schneider-electric:tsxety110ws_firmware:-" :
        {"family" : "PremiumCP"},
    "cpe:/o:schneider-electric:tsxp574634m_firmware:-" :
        {"versionEndExcluding" : "5.5", "family" : "Premium"},
    "cpe:/o:schneider-electric:tsxety110wsc_firmware:-" :
        {"family" : "PremiumCP"},
    "cpe:/o:schneider-electric:tsxp574823am_firmware:-" :
        {"family" : "Premium"},
    "cpe:/o:schneider-electric:tsxety4103_firmware:-" :
        {"versionEndExcluding" : "5.7", "family" : "PremiumCP"},
    "cpe:/o:schneider-electric:tsxp574823m_firmware:-" :
        {"family" : "Premium"},
    "cpe:/o:schneider-electric:tsxety4103c_firmware:-" :
        {"versionEndExcluding" : "5.7", "family" : "PremiumCP"},
    "cpe:/o:schneider-electric:tsxp574823mc_firmware:-" :
        {"family" : "Premium"},
    "cpe:/o:schneider-electric:tsxety5103_firmware:-" :
        {"versionEndExcluding" : "5.9", "family" : "PremiumCP"},
    "cpe:/o:schneider-electric:tsxp575634m_firmware:-" :
        {"family" : "Premium"},
    "cpe:/o:schneider-electric:tsxety5103c_firmware:-" :
        {"versionEndExcluding" : "5.9", "family" : "PremiumCP"},
    "cpe:/o:schneider-electric:tsxp576634m_firmware:-" :
        {"family" : "Premium"},
    "cpe:/o:schneider-electric:tsxwmy100_firmware:-" :
        {"family" : "PremiumCP"},
    "cpe:/o:schneider-electric:tsxwmy100c_firmware:-" :
        {"family" : "PremiumCP"},
    "cpe:/o:schneider-electric:modicon_m580_bmxnoc0402_firmware:-" :
        {"family" : "ModiconM340M580CP"},
    "cpe:/o:schneider-electric:modicon_m340_bmxnoe0100_firmware:-" :
        {"versionEndExcluding" : "2.9", "family" : "ModiconM340M580CP"},
    "cpe:/o:schneider-electric:modicon_m340_bmxnoe0110_firmware:-" :
        {"versionEndExcluding" : "6.0", "family" : "ModiconM340M580CP"},
    "cpe:/o:schneider-electric:modicon_m340_bmxnoe0110h_firmware:-" :
        {"versionEndExcluding" : "6.0", "family" : "ModiconM340M580CP"},
    "cpe:/o:schneider-electric:modicon_m340_bmxnor0200h_firmware:-" :
        {"family" : "ModiconM340M580CP"},
    "cpe:/o:schneider-electric:modicon_m340_bmxp342020_firmware:-" :
        {"family" : "ModiconM340"},
    "cpe:/o:schneider-electric:modicon_m340_bmxp342020h_firmware:-" :
        {"family" : "ModiconM340"},
    "cpe:/o:schneider-electric:modicon_m340_bmxp342030_firmware:-" :
        {"family" : "ModiconM340"},
    "cpe:/o:schneider-electric:modicon_m340_bmxp3420302_firmware:-" :
        {"family" : "ModiconM340"},
    "cpe:/o:schneider-electric:modicon_m340_bmxp3420302h_firmware:-" :
        {"family" : "ModiconM340"},
    "cpe:/o:schneider-electric:modicon_m340_bmxp342030h_firmware:-" :
        {"family" : "ModiconM340"},
    "cpe:/o:schneider-electric:modicon_m340_bmxnoc0401_firmware:-" :
        {"versionEndExcluding" : "2.05", "family" : "ModiconM340M580CP"},
    "cpe:/o:schneider-electric:171ccc96020_firmware:-" :
        {"family" : "MomentumConcept"},
    "cpe:/o:schneider-electric:171ccc96020c_firmware:-" :
        {"family" : "MomentumConcept"},
    "cpe:/o:schneider-electric:171ccc96030_firmware:-" :
        {"family" : "MomentumConcept"},
    "cpe:/o:schneider-electric:171ccc96030c_firmware:-" :
        {"family" : "MomentumConcept"},
    "cpe:/o:schneider-electric:171ccc98020_firmware:-" :
        {"family" : "MomentumConcept"},
    "cpe:/o:schneider-electric:171ccc98030_firmware:-" :
        {"family" : "MomentumConcept"},
    "cpe:/o:schneider-electric:tsxp571634m_firmware:-" :
        {"versionEndExcluding" : "5.7", "family" : "Premium"},
    "cpe:/o:schneider-electric:tsxp572634m_firmware:-" :
        {"versionEndExcluding" : "5.7", "family" : "Premium"},
    "cpe:/o:schneider-electric:tsxp573634m_firmware:-" :
        {"versionEndExcluding" : "5.7", "family" : "Premium"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);
VendorProductVersionCPE
schneider-electric171ccc96020_firmware-cpe:/o:schneider-electric:171ccc96020_firmware:-
schneider-electric171ccc96020c_firmware-cpe:/o:schneider-electric:171ccc96020c_firmware:-
schneider-electric171ccc96030_firmware-cpe:/o:schneider-electric:171ccc96030_firmware:-
schneider-electric171ccc96030c_firmware-cpe:/o:schneider-electric:171ccc96030c_firmware:-
schneider-electric171ccc98020_firmware-cpe:/o:schneider-electric:171ccc98020_firmware:-
schneider-electric171ccc98030_firmware-cpe:/o:schneider-electric:171ccc98030_firmware:-
schneider-electricmodicon_m340_bmxnoc0401_firmware-cpe:/o:schneider-electric:modicon_m340_bmxnoc0401_firmware:-
schneider-electricmodicon_m340_bmxnoe0100_firmware-cpe:/o:schneider-electric:modicon_m340_bmxnoe0100_firmware:-
schneider-electricmodicon_m340_bmxnoe0110_firmware-cpe:/o:schneider-electric:modicon_m340_bmxnoe0110_firmware:-
schneider-electricmodicon_m340_bmxnoe0110h_firmware-cpe:/o:schneider-electric:modicon_m340_bmxnoe0110h_firmware:-
Rows per page:
1-10 of 381

6.9 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.006 Low

EPSS

Percentile

79.3%

Related for TENABLE_OT_SCHNEIDER_CVE-2014-0754.NASL