CVE-2024-5679 - Vulnerability Details - OpenCVE

Description

CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, or
kernel memory leak when a malicious actor with local user access crafts a script/program using
an IOCTL call in the Foxboro.sys driver.

Published: 2024-07-11

Score: 7.1 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Schneider Electric

EcoStruxure Foxboro DCS Core Control Services

unaffected

Version	Status	Constraints
`Versions 9.8 and prior`	affected	—

Configuration 1 [-]

cpe:2.3:a:schneider-electric:ecostruxure_foxboro_dcs_control_core_services:*:*:*:*:*:*:*:*

No data.

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2024-46852	CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, or kernel memory leak when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00071.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-191-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-191-02.pdf

History

No history.

Subscriptions

Schneider-electric Ecostruxure Foxboro Dcs Control Core Services

MITRE

Status: PUBLISHED

Assigner: schneider

Published: 2024-07-11T08:18:23.853Z

Updated: 2024-08-01T21:18:06.706Z

Reserved: 2024-06-06T12:06:38.709Z

Link: CVE-2024-5679

Vulnrichment

Updated: 2024-08-01T21:18:06.706Z

NVD

Status : Modified

Published: 2024-07-11T09:15:03.523

Modified: 2024-11-21T09:48:08.710

Link: CVE-2024-5679

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-787

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-5679", "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "state": "PUBLISHED", "assignerShortName": "schneider", "dateReserved": "2024-06-06T12:06:38.709Z", "datePublished": "2024-07-11T08:18:23.853Z", "dateUpdated": "2024-08-01T21:18:06.706Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "EcoStruxure Foxboro DCS Core Control Services", "vendor": "Schneider Electric", "versions": [{"status": "affected", "version": "Versions 9.8 and prior"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\nCWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, or\nkernel memory leak when a malicious actor with local user access crafts a script/program using\nan IOCTL call in the Foxboro.sys driver.\n\n"}], "value": "CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, or\nkernel memory leak when a malicious actor with local user access crafts a script/program using\nan IOCTL call in the Foxboro.sys driver."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider", "dateUpdated": "2024-07-11T08:18:23.853Z"}, "references": [{"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-191-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-191-02.pdf"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-11T14:05:59.571941Z", "id": "CVE-2024-5679", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-11T18:01:50.665Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:18:06.706Z"}, "title": "CVE Program Container", "references": [{"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-191-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-191-02.pdf", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-191-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-191-02.pdf", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:18:06.706Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-5679", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-11T14:05:59.571941Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-11T18:01:46.171Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Schneider Electric", "product": "EcoStruxure Foxboro DCS Core Control Services", "versions": [{"status": "affected", "version": "Versions 9.8 and prior"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-191-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-191-02.pdf"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, or\nkernel memory leak when a malicious actor with local user access crafts a script/program using\nan IOCTL call in the Foxboro.sys driver.", "supportingMedia": [{"type": "text/html", "value": "\n\nCWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, or\nkernel memory leak when a malicious actor with local user access crafts a script/program using\nan IOCTL call in the Foxboro.sys driver.\n\n", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider", "dateUpdated": "2024-07-11T08:18:23.853Z"}}}, "cveMetadata": {"cveId": "CVE-2024-5679", "state": "PUBLISHED", "dateUpdated": "2024-08-01T21:18:06.706Z", "dateReserved": "2024-06-06T12:06:38.709Z", "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "datePublished": "2024-07-11T08:18:23.853Z", "assignerShortName": "schneider"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:schneider-electric:ecostruxure_foxboro_dcs_control_core_services:*:*:*:*:*:*:*:*", "matchCriteriaId": "AB752A3F-D5CE-4AFC-82D7-F0E3D8805DA5", "versionEndIncluding": "9.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, or\nkernel memory leak when a malicious actor with local user access crafts a script/program using\nan IOCTL call in the Foxboro.sys driver."}, {"lang": "es", "value": "CWE-787: Existe una vulnerabilidad de escritura fuera de los l\u00edmites que podr\u00eda causar denegaci\u00f3n de servicio local o p\u00e9rdida de memoria del kernel cuando un actor malintencionado con acceso de usuario local crea un script/programa usando una llamada IOCTL en el controlador Foxboro.sys."}], "id": "CVE-2024-5679", "lastModified": "2024-11-21T09:48:08.710", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "cybersecurity@se.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-07-11T09:15:03.523", "references": [{"source": "cybersecurity@se.com", "tags": ["Vendor Advisory"], "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-191-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-191-02.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-191-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-191-02.pdf"}], "sourceIdentifier": "cybersecurity@se.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "cybersecurity@se.com", "type": "Secondary"}]}