Lucene search

K
nessusThis script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_SCHNEIDER_CVE-2020-7539.NASL
HistoryJun 29, 2023 - 12:00 a.m.

Schneider Electric Modicon Improper Check for Unusual or Exceptional Conditions (CVE-2020-7539)

2023-06-2900:00:00
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
6
schneider electric
modicon m340
quantum
premium
web server
cwe-754
denial of service
http
tenable.ot
security notification
vulnerability
communication modules
cve-2020-7539

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

42.5%

A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause a denial of service vulnerability when a specially crafted packet is sent to the controller over HTTP.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(501217);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/11");

  script_cve_id("CVE-2020-7539");

  script_name(english:"Schneider Electric Modicon Improper Check for Unusual or Exceptional Conditions (CVE-2020-7539)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"A CWE-754 Improper Check for Unusual or Exceptional Conditions
vulnerability exists in the Web Server on Modicon M340, Legacy Offers
Modicon Quantum and Modicon Premium and associated Communication
Modules (see security notification for affected versions), that could
cause a denial of service vulnerability when a specially crafted
packet is sent to the controller over HTTP.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  script_set_attribute(attribute:"see_also", value:"https://www.se.com/ww/en/download/document/SEVD-2020-343-03/");
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-7539");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_cwe_id(754);

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/12/11");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/12/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/06/29");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:140cpu65150_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:140noc77101_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:140noc78000_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:140noc78100_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:140noe77111_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:bmxnoc0401_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:bmxnoe0100_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:bmxnoe0110_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:bmxp341000_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:bmxp342000_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:bmxp3420102_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:bmxp3420102cl_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:bmxp342020_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:bmxp3420302_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:bmxp3420302cl_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:tsxety4103_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:tsxety5103_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:tsxp574634_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:tsxp575634_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:tsxp576634_firmware");
  script_set_attribute(attribute:"generated_plugin", value:"former");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Schneider");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Schneider');

var asset = tenable_ot::assets::get(vendor:'Schneider');

var vuln_cpes = {
    "cpe:/o:schneider-electric:bmxp341000_firmware" :
        {"versionEndExcluding" : "3.30", "family" : "ModiconM340"},
    "cpe:/o:schneider-electric:bmxp342000_firmware" :
        {"versionEndExcluding" : "3.30", "family" : "ModiconM340"},
    "cpe:/o:schneider-electric:bmxp3420102_firmware" :
        {"versionEndExcluding" : "3.30", "family" : "ModiconM340"},
    "cpe:/o:schneider-electric:bmxp3420102cl_firmware" :
        {"versionEndExcluding" : "3.30", "family" : "ModiconM340"},
    "cpe:/o:schneider-electric:bmxp342020_firmware" :
        {"versionEndExcluding" : "3.30", "family" : "ModiconM340"},
    "cpe:/o:schneider-electric:bmxp3420302_firmware" :
        {"versionEndExcluding" : "3.30", "family" : "ModiconM340"},
    "cpe:/o:schneider-electric:bmxp3420302cl_firmware" :
        {"versionEndExcluding" : "3.30", "family" : "ModiconM340"},
    "cpe:/o:schneider-electric:bmxnoe0100_firmware" :
        {"versionEndExcluding" : "3.3", "family" : "ModiconM340M580CP"},
    "cpe:/o:schneider-electric:bmxnoe0110_firmware" :
        {"versionEndExcluding" : "6.5", "family" : "ModiconM340M580CP"},
    "cpe:/o:schneider-electric:bmxnoc0401_firmware" :
        {"versionEndExcluding" : "2.10", "family" : "ModiconM340M580CP"},
    "cpe:/o:schneider-electric:tsxp574634_firmware" :
        {"versionEndExcluding" : "6.1", "family" : "Premium"},
    "cpe:/o:schneider-electric:tsxp575634_firmware" :
        {"versionEndExcluding" : "6.1", "family" : "Premium"},
    "cpe:/o:schneider-electric:tsxp576634_firmware" :
        {"versionEndExcluding" : "6.1", "family" : "Premium"},
    "cpe:/o:schneider-electric:tsxety4103_firmware" :
        {"versionEndExcluding" : "6.2", "family" : "PremiumCP"},
    "cpe:/o:schneider-electric:tsxety5103_firmware" :
        {"versionEndExcluding" : "6.4", "family" : "PremiumCP"},
    "cpe:/o:schneider-electric:140cpu65150_firmware" :
        {"versionEndExcluding" : "6.1", "family" : "QuantumUnity"},
    "cpe:/o:schneider-electric:140noe77111_firmware" :
        {"versionEndExcluding" : "7.1", "family" : "QuantumUnityCP"},
    "cpe:/o:schneider-electric:140noc78100_firmware" :
        {"versionEndExcluding" : "1.74", "family" : "QuantumUnityCP"},
    "cpe:/o:schneider-electric:140noc78000_firmware" :
        {"versionEndExcluding" : "1.74", "family" : "QuantumUnityCP"},
    "cpe:/o:schneider-electric:140noc77101_firmware" :
        {"versionEndExcluding" : "1.08", "family" : "QuantumUnityCP"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);
VendorProductVersionCPE
schneider-electric140cpu65150_firmwarecpe:/o:schneider-electric:140cpu65150_firmware
schneider-electric140noe77111_firmwarecpe:/o:schneider-electric:140noe77111_firmware
schneider-electric140noc77101_firmwarecpe:/o:schneider-electric:140noc77101_firmware
schneider-electric140noc78000_firmwarecpe:/o:schneider-electric:140noc78000_firmware
schneider-electricbmxnoc0401_firmwarecpe:/o:schneider-electric:bmxnoc0401_firmware
schneider-electricbmxnoe0100_firmwarecpe:/o:schneider-electric:bmxnoe0100_firmware
schneider-electricbmxnoe0110_firmwarecpe:/o:schneider-electric:bmxnoe0110_firmware
schneider-electricbmxp341000_firmwarecpe:/o:schneider-electric:bmxp341000_firmware
schneider-electricbmxp342000_firmwarecpe:/o:schneider-electric:bmxp342000_firmware
schneider-electricbmxp3420102_firmwarecpe:/o:schneider-electric:bmxp3420102_firmware
Rows per page:
1-10 of 201

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

42.5%

Related for TENABLE_OT_SCHNEIDER_CVE-2020-7539.NASL