CVE-2018-8840

HIGH

Description

A remote attacker could send a carefully crafted packet in InduSoft Web Studio v8.1 and prior versions, and/or InTouch Machine Edition 2017 v8.1 and prior versions during a tag, alarm, or event related action such as read and write, which may allow remote code execution.

References

http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000125/

http://www.securityfocus.com/bid/103949

https://ics-cert.us-cert.gov/advisories/ICSA-18-107-01

https://www.tenable.com/security/research/tra-2018-07

Details

Source: MITRE

Published: 2018-04-18

Updated: 2018-05-22

Type: CWE-119

Risk Information

CVSS v2.0

Base Score: 10

Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Impact Score: 10

Exploitability Score: 10

Severity: HIGH

CVSS v3.0

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL

Tenable Plugins

View all (3 total)

ID	Name	Product	Family	Severity
109280	Schneider Electric InduSoft Web Studio / InTouch Machine Edition Opcode 50 mbstowcs() Stack Overflow	Nessus	SCADA	critical
109144	Schneider Electric InduSoft Web Studio RCE (Apr 2018)	Nessus	Windows	critical
109143	Schneider Electric InTouch Machine Edition RCE (Apr 2018)	Nessus	Windows	critical