CVE-2013-0664 - OpenCVE

The FactoryCast service on the Schneider Electric Quantum 140NOE77111 and 140NWM10000, M340 BMXNOE0110x, and Premium TSXETY5103 PLC modules allows remote authenticated users to send Modbus messages, and consequently execute arbitrary code, by embedding these messages in SOAP HTTP POST requests.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:S/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Schneider-electric	Modicon M340 Modicon Premium Modicon Quantum Plc

Configuration 1 [-]

OR	cpe:2.3:h:schneider-electric:modicon_quantum_plc:140noe77111:::::::*
	cpe:2.3:h:schneider-electric:modicon_quantum_plc:140nwm10000:::::::*

Configuration 2 [-]

cpe:2.3:h:schneider-electric:modicon_m340:bmxnoe0110x:*:*:*:*:*:*:*

Configuration 3 [-]

cpe:2.3:h:schneider-electric:modicon_premium:tsxety5103:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdf
http://www.schneider-electric.com/download/ww/en/details/35081317-Vulnerability-Disclosure-for-Quantum-Premium-and-M340/
http://www.schneider-electric.com/download/ww/en/file/36555639-SEVD-2013-023-01.pdf/?fileName=SEVD-2013-023-01.pdf&reference=SEVD-2013-023-01&docType=Technical-paper

History

No history.

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2013-04-04T10:00:00Z

Updated: 2024-09-16T19:30:03.282Z

Reserved: 2012-12-19T00:00:00Z

Link: CVE-2013-0664

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2013-04-04T11:58:49.823

Modified: 2013-04-04T13:43:38.750

Link: CVE-2013-0664

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "The FactoryCast service on the Schneider Electric Quantum 140NOE77111 and 140NWM10000, M340 BMXNOE0110x, and Premium TSXETY5103 PLC modules allows remote authenticated users to send Modbus messages, and consequently execute arbitrary code, by embedding these messages in SOAP HTTP POST requests."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-04-04T10:00:00Z", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.schneider-electric.com/download/ww/en/details/35081317-Vulnerability-Disclosure-for-Quantum-Premium-and-M340/"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.schneider-electric.com/download/ww/en/file/36555639-SEVD-2013-023-01.pdf/?fileName=SEVD-2013-023-01.pdf&reference=SEVD-2013-023-01&docType=Technical-paper"}, {"tags": ["x_refsource_MISC"], "url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2013-0664", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The FactoryCast service on the Schneider Electric Quantum 140NOE77111 and 140NWM10000, M340 BMXNOE0110x, and Premium TSXETY5103 PLC modules allows remote authenticated users to send Modbus messages, and consequently execute arbitrary code, by embedding these messages in SOAP HTTP POST requests."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.schneider-electric.com/download/ww/en/details/35081317-Vulnerability-Disclosure-for-Quantum-Premium-and-M340/", "refsource": "CONFIRM", "url": "http://www.schneider-electric.com/download/ww/en/details/35081317-Vulnerability-Disclosure-for-Quantum-Premium-and-M340/"}, {"name": "http://www.schneider-electric.com/download/ww/en/file/36555639-SEVD-2013-023-01.pdf/?fileName=SEVD-2013-023-01.pdf&reference=SEVD-2013-023-01&docType=Technical-paper", "refsource": "CONFIRM", "url": "http://www.schneider-electric.com/download/ww/en/file/36555639-SEVD-2013-023-01.pdf/?fileName=SEVD-2013-023-01.pdf&reference=SEVD-2013-023-01&docType=Technical-paper"}, {"name": "http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdf", "refsource": "MISC", "url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdf"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T14:33:05.668Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.schneider-electric.com/download/ww/en/details/35081317-Vulnerability-Disclosure-for-Quantum-Premium-and-M340/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.schneider-electric.com/download/ww/en/file/36555639-SEVD-2013-023-01.pdf/?fileName=SEVD-2013-023-01.pdf&reference=SEVD-2013-023-01&docType=Technical-paper"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdf"}]}]}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2013-0664", "datePublished": "2013-04-04T10:00:00Z", "dateReserved": "2012-12-19T00:00:00Z", "dateUpdated": "2024-09-16T19:30:03.282Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_plc:140noe77111:*:*:*:*:*:*:*", "matchCriteriaId": "56FB594F-638A-4E8B-9072-475E64CDE999", "vulnerable": true}, {"criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_plc:140nwm10000:*:*:*:*:*:*:*", "matchCriteriaId": "AD53FEBF-FF81-4563-B80C-CE67ABDA233B", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m340:bmxnoe0110x:*:*:*:*:*:*:*", "matchCriteriaId": "5E2D7BD5-2273-41E1-A446-4F7729003381", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_premium:tsxety5103:*:*:*:*:*:*:*", "matchCriteriaId": "D7579763-6663-41F7-A162-5FEBA9A9CE70", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The FactoryCast service on the Schneider Electric Quantum 140NOE77111 and 140NWM10000, M340 BMXNOE0110x, and Premium TSXETY5103 PLC modules allows remote authenticated users to send Modbus messages, and consequently execute arbitrary code, by embedding these messages in SOAP HTTP POST requests."}, {"lang": "es", "value": "El servicio FactoryCast en los m\u00f3dulos Electric Quantum 140NOE77111 y 140NWM10000, M340 BMXNOE0110x, y Premium TSXETY5103 PLC , permite a usuarios autenticados remotamente el env\u00edo de mensajes Modbus, y por consiguiente la ejecuci\u00f3n de c\u00f3digo arbitrario embebiendo estos mensajes en peticiones SOAP HTTP POST."}], "id": "CVE-2013-0664", "lastModified": "2013-04-04T13:43:38.750", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 8.5, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-04-04T11:58:49.823", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["US Government Resource"], "url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdf"}, {"source": "ics-cert@hq.dhs.gov", "tags": ["Vendor Advisory"], "url": "http://www.schneider-electric.com/download/ww/en/details/35081317-Vulnerability-Disclosure-for-Quantum-Premium-and-M340/"}, {"source": "ics-cert@hq.dhs.gov", "tags": ["Vendor Advisory"], "url": "http://www.schneider-electric.com/download/ww/en/file/36555639-SEVD-2013-023-01.pdf/?fileName=SEVD-2013-023-01.pdf&reference=SEVD-2013-023-01&docType=Technical-paper"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}