cvelistv5 - cve-2020-7540

CVE-2020-7540 (GCVE-0-2020-7540)

Vulnerability from cvelistv5

Published

2020-12-11 00:52

Modified

2024-08-04 09:33

Severity ?

CWE

CWE-306 - Missing Authentication for Critical Function

Summary

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause unauthenticated command execution in the controller when sending special HTTP requests.

References

URL

Tags

https://www.se.com/ww/en/download/document/SEVD-2020-343-04/

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)	Version: Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:33:19.892Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-04/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause unauthenticated command execution in the controller when sending special HTTP requests."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-306",
              "description": "CWE-306: Missing Authentication for Critical Function",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-12-11T00:52:03.000Z",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-04/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2020-7540",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause unauthenticated command execution in the controller when sending special HTTP requests."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-306: Missing Authentication for Critical Function"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.se.com/ww/en/download/document/SEVD-2020-343-04/",
              "refsource": "CONFIRM",
              "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-04/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2020-7540",
    "datePublished": "2020-12-11T00:52:03.000Z",
    "dateReserved": "2020-01-21T00:00:00.000Z",
    "dateUpdated": "2024-08-04T09:33:19.892Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTFR-2020-AVI-801

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Schneider. Elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

EcoStruxure™ Control Expert
Unity Pro (former name of EcoStruxure™ Control Expert)
EcoStruxure Geo SCADA Expert 2019 versions antérieures à 81.7613.1
EcoStruxure Geo SCADA Expert 2020 versions antérieures à 83.7613.1
Modicon M340 CPU BMXP34* versions antérieures à V3.3
Modicon M340 Ethernet Communication modules BMXNOC0401 versions antérieures à V2.10 (*)
Modicon M340 Ethernet Communication modules BMXNOE0100 versions antérieures à V3.4
Modicon M340 Ethernet Communication modules BMXNOE0110 versions antérieures à V6.6
Modicon Premium processors with integrated Ethernet COPRO TSXP574634, TSXP575634, TSXP576634
Modicon Quantum CPUs 140CPU65xxxxx versions antérieures à V6.1 (*)
Modicon Quantum communication modules 140NOE771x1 versions antérieures à V7.3 (*)
Modicon Quantum communication modules 140NOC78x00 versions antérieures à V1.74 (*)
Modicon Quantum communication modules 140NOC77101 versions antérieures à V1.08
Modicon Premium communication modules TSXETY4103 versions antérieures à V6.2 (*)
Modicon Premium communication modules TSXETY5103 versions antérieures à V6.4 (*)
Modicon Premium CPUs TSXP574634, TSXP575634, TSXP576634 versions antérieures à V6.1 (*)
BMXNOE0100
BMXNOE0110
BMXNOR0200H
BMXNOR200H
Modicon M580 CPUs BMEx58xxxxx microgiciel versions antérieures à 3.20
Modicon M258 versions antérieures à 5.0.4.11
SoMachine/SoMachine Motion software

(*) ces versions ne corrigent pas toutes les vulnérabilités

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Schneider SEVD-2020-343-02 du 06 décembre 2020	None	vendor-advisory
Bulletin de sécurité Schneider SEVD-2020-343-06 du 06 décembre 2020	None	vendor-advisory
Bulletin de sécurité Schneider SEVD-2020-343-01 du 06 décembre 2020	None	vendor-advisory
Bulletin de sécurité Schneider SEVD-2020-343-07 du 06 décembre 2020	None	vendor-advisory
Bulletin de sécurité Schneider SEVD-2020-343-04 du 06 décembre 2020	None	vendor-advisory
Bulletin de sécurité Schneider SEVD-2020-343-05 du 06 décembre 2020	None	vendor-advisory
Bulletin de sécurité Schneider SEVD-2020-343-09 du 06 décembre 2020	None	vendor-advisory
Bulletin de sécurité Schneider SEVD-2020-343-08 du 06 décembre 2020	None	vendor-advisory
Bulletin de sécurité Schneider SEVD-2020-343-03 du 06 décembre 2020	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cul\u003e \u003cli\u003eEcoStruxure\u2122 Control Expert\u003c/li\u003e \u003cli\u003eUnity Pro (former name of EcoStruxure\u2122 Control Expert)\u003c/li\u003e \u003cli\u003eEcoStruxure Geo SCADA Expert 2019 versions ant\u00e9rieures \u00e0 81.7613.1\u003c/li\u003e \u003cli\u003eEcoStruxure Geo SCADA Expert 2020 versions ant\u00e9rieures \u00e0 83.7613.1\u003c/li\u003e \u003cli\u003eModicon M340 CPU BMXP34* versions ant\u00e9rieures \u00e0 V3.3\u003c/li\u003e \u003cli\u003eModicon M340 Ethernet Communication modules BMXNOC0401 versions ant\u00e9rieures \u00e0 V2.10 (*)\u003c/li\u003e \u003cli\u003eModicon M340 Ethernet Communication modules BMXNOE0100 versions ant\u00e9rieures \u00e0 V3.4\u003c/li\u003e \u003cli\u003eModicon M340 Ethernet Communication modules BMXNOE0110 versions ant\u00e9rieures \u00e0 V6.6\u003c/li\u003e \u003cli\u003eModicon Premium processors with integrated Ethernet COPRO TSXP574634, TSXP575634, TSXP576634\u003c/li\u003e \u003cli\u003eModicon Quantum CPUs 140CPU65xxxxx versions ant\u00e9rieures \u00e0 V6.1 (*)\u003c/li\u003e \u003cli\u003eModicon Quantum communication modules 140NOE771x1 versions ant\u00e9rieures \u00e0 V7.3 (*)\u003c/li\u003e \u003cli\u003eModicon Quantum communication modules 140NOC78x00 versions ant\u00e9rieures \u00e0 V1.74 (*)\u003c/li\u003e \u003cli\u003eModicon Quantum communication modules 140NOC77101 versions ant\u00e9rieures \u00e0 V1.08\u003c/li\u003e \u003cli\u003eModicon Premium communication modules TSXETY4103 versions ant\u00e9rieures \u00e0 V6.2 (*)\u003c/li\u003e \u003cli\u003eModicon Premium communication modules TSXETY5103 versions ant\u00e9rieures \u00e0 V6.4 (*)\u003c/li\u003e \u003cli\u003eModicon Premium CPUs TSXP574634, TSXP575634, TSXP576634 versions ant\u00e9rieures \u00e0 V6.1 (*)\u003c/li\u003e \u003cli\u003eBMXNOE0100\u003c/li\u003e \u003cli\u003eBMXNOE0110\u003c/li\u003e \u003cli\u003eBMXNOR0200H\u003c/li\u003e \u003cli\u003eBMXNOR200H\u003c/li\u003e \u003cli\u003eModicon M580 CPUs BMEx58xxxxx microgiciel versions ant\u00e9rieures \u00e0 3.20\u003c/li\u003e \u003cli\u003eModicon M258 versions ant\u00e9rieures \u00e0 5.0.4.11\u003c/li\u003e \u003cli\u003eSoMachine/SoMachine Motion software\u003c/li\u003e \u003c/ul\u003e \u003cp\u003e(*) ces versions ne corrigent pas toutes les vuln\u00e9rabilit\u00e9s\u003c/p\u003e ",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-7535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7535"
    },
    {
      "name": "CVE-2020-7542",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7542"
    },
    {
      "name": "CVE-2020-7549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7549"
    },
    {
      "name": "CVE-2020-7537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7537"
    },
    {
      "name": "CVE-2020-7560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7560"
    },
    {
      "name": "CVE-2020-28219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28219"
    },
    {
      "name": "CVE-2020-7536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7536"
    },
    {
      "name": "CVE-2020-7543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7543"
    },
    {
      "name": "CVE-2020-28220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28220"
    },
    {
      "name": "CVE-2020-7540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7540"
    }
  ],
  "initial_release_date": "2020-12-08T00:00:00",
  "last_revision_date": "2020-12-08T00:00:00",
  "links": [],
  "reference": "CERTFR-2020-AVI-801",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-12-08T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2020-343-02 du 06 d\u00e9cembre 2020",
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-02/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2020-343-06 du 06 d\u00e9cembre 2020",
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-06/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2020-343-01 du 06 d\u00e9cembre 2020",
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-01/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2020-343-07 du 06 d\u00e9cembre 2020",
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-07/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2020-343-04 du 06 d\u00e9cembre 2020",
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-04/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2020-343-05 du 06 d\u00e9cembre 2020",
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-05/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2020-343-09 du 06 d\u00e9cembre 2020",
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-09/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2020-343-08 du 06 d\u00e9cembre 2020",
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2020-343-03 du 06 d\u00e9cembre 2020",
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-03/"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2020-7540 (GCVE-0-2020-7540)

Vulnerability from cvelistv5

CERTFR-2020-AVI-801

Vulnerability from certfr_avis

Solution

Tags

Sightings

Nomenclature