Affected devices do not properly sanitize contents of trace files. This could allow an attacker to inject code through social engineering an authorized user, who has the function right "Read diagnostics", to import a specially crafted trace file. The malicious trace file is insufficiently sanitized and malicious code could be executed in the clients browser session and trigger PLC operations via the webserver that the legitimate user is authorized to perform.
Los dispositivos afectados no sanean correctamente el contenido de los archivos de traza. Esto podría permitir a un atacante inyectar código mediante ingeniería social para que un usuario legítimo importe un archivo de traza especialmente diseñado.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
| Attack Vector | NETWORK |
|---|---|
| Attack Complexity | LOW |
| Privileges Required | NONE |
| User Interaction | REQUIRED |
| Scope | CHANGED |
| Confidentiality Impact | HIGH |
| Integrity Impact | HIGH |
| Availability Impact | HIGH |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
| Attack Vector | NETWORK |
|---|---|
| Attack Complexity | LOW |
| Attack Requirements | NONE |
| Privileges Required | NONE |
| User Interaction | PASSIVE |
| Vulnerability Confidentiality | HIGH |
| Vulnerability Integrity | HIGH |
| Vulnerability Availability | HIGH |
| Subsequent Confidentiality | HIGH |
| Subsequent Integrity | HIGH |
| Subsequent Availability | HIGH |
Source: [email protected]
Type: Secondary
| Source | Type | Description |
|---|---|---|
| [email protected] | Primary |
en
CWE-95
|