Search

Find a vulnerability

Search criteria

    10 vulnerabilities by SAUTER Controls

    VAR-201702-0158

    Vulnerability from variot - Updated: 2025-04-20 23:23

    An issue was discovered in Sauter NovaWeb web HMI. The application uses a protection mechanism that relies on the existence or values of a cookie, but it does not properly ensure that the cookie is valid for the associated user. Sauter is a leading provider of construction, room automation, energy management and equipment management. The Sauter NovaWeb Web HMI has a certification bypass vulnerability that an attacker can use to bypass security restrictions and perform unauthorized operations. Attackers can exploit this issue to gain unauthorized access and perform unauthorized actions

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201702-0158",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "novaweb web hmi",
            "scope": null,
            "trust": 1.2,
            "vendor": "sauter",
            "version": null
          },
          {
            "model": "novaweb web hmi",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sauter controls",
            "version": "*"
          },
          {
            "model": "novaweb web hmi",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "fr sauter",
            "version": null
          },
          {
            "model": "novaweb web hmi",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sauter",
            "version": "0"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-12553"
          },
          {
            "db": "BID",
            "id": "94782"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007957"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-464"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10224"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:sauter:novaweb_web_hmi",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007957"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Maxim Rupp",
        "sources": [
          {
            "db": "BID",
            "id": "94782"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-464"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2016-10224",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CVE-2016-10224",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2016-12553",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2016-10224",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2016-10224",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2016-10224",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2016-10224",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2016-12553",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201702-464",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-12553"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007957"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-464"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10224"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An issue was discovered in Sauter NovaWeb web HMI. The application uses a protection mechanism that relies on the existence or values of a cookie, but it does not properly ensure that the cookie is valid for the associated user. Sauter is a leading provider of construction, room automation, energy management and equipment management. The Sauter NovaWeb Web HMI has a certification bypass vulnerability that an attacker can use to bypass security restrictions and perform unauthorized operations. \nAttackers can exploit this issue to gain unauthorized access and perform unauthorized actions",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-10224"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007957"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-12553"
          },
          {
            "db": "BID",
            "id": "94782"
          }
        ],
        "trust": 2.43
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "ICS CERT",
            "id": "ICSA-16-343-02",
            "trust": 3.3
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10224",
            "trust": 2.7
          },
          {
            "db": "BID",
            "id": "94782",
            "trust": 1.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007957",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-12553",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-464",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-12553"
          },
          {
            "db": "BID",
            "id": "94782"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007957"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-464"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10224"
          }
        ]
      },
      "id": "VAR-201702-0158",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-12553"
          }
        ],
        "trust": 1.2999999999999998
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-12553"
          }
        ]
      },
      "last_update_date": "2025-04-20T23:23:53.182000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.sauter-controls.com/en.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007957"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-254",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007957"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10224"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-16-343-02"
          },
          {
            "trust": 1.2,
            "url": "http://www.securityfocus.com/bid/94782"
          },
          {
            "trust": 0.9,
            "url": "http://www.sauter-controls.com/en.html"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-10224"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-10224"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-12553"
          },
          {
            "db": "BID",
            "id": "94782"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007957"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-464"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10224"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-12553"
          },
          {
            "db": "BID",
            "id": "94782"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007957"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-464"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10224"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-12-19T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2016-12553"
          },
          {
            "date": "2016-12-08T00:00:00",
            "db": "BID",
            "id": "94782"
          },
          {
            "date": "2017-03-31T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2016-007957"
          },
          {
            "date": "2017-02-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201702-464"
          },
          {
            "date": "2017-02-13T21:59:00.127000",
            "db": "NVD",
            "id": "CVE-2016-10224"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-12-19T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2016-12553"
          },
          {
            "date": "2019-04-12T21:00:00",
            "db": "BID",
            "id": "94782"
          },
          {
            "date": "2017-03-31T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2016-007957"
          },
          {
            "date": "2021-09-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201702-464"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2016-10224"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-464"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Sauter NovaWeb Web HMI Vulnerability in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007957"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "security feature problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-464"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201602-0088

    Vulnerability from variot - Updated: 2025-04-13 23:03

    Cross-site scripting (XSS) vulnerability in Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted query. Sauter moduWeb Vision is an embedded web-based SCADA system for HVAC. Sauter moduWeb Vision is prone to multiple security vulnerabilities: 1. Multiple information-disclosure vulnerabilities 2. Other attacks may also be possible. Vulnerabilities


    CVSS 10 - INSECURE CREDENTIAL STORAGE (Pass the Hash) CVE-2015-7914

    CVSS 10 - INSECURE TRANSMISSION OF CREDENTIALS CVE-2015-7915

    CVSS 7.4 - CROSS-SITE SCRIPTING CVE-2015-7916

    Other risk exposures


    Undocumented default accounts

    Note that default accounts with changeable passwords, even when those are undocumented and do not look as user accounts neither in interface or documentation, constitute a formal vulnerability. It is at worst a misconfiguration.

    References (Source)


    This advisory:

    https://www.outpost24.com/critical-scada-vulnerabilities-sauter-moduweb/

    ICS CERT:

    https://ics-cert.us-cert.gov/advisories/ICSA-16-033-01

    Summary of the issues

    In short \x96 By obtaining access to a system using undocumented accounts, it is possible to obtain a low privilege level.

    By exploiting the fact that the cashed credentials used for the \x93remember me\x94 function of the web application employ the same encryption as the one used for protection of passwords included in backups, a user can elevate privileges to administrator level.

    The backups also contain other encrypted configuration information which can further an attacker\x92s access to also affect for example email accounts used for notifications.

    By accessing the system as an administrator, an attacker can obtain those credentials in plain text from the system as they are included in the configuration details, protected only by the use of \x93password\x94 field-types in the forms.

    In essence this constitute a pass the hash vulnerability. Just as with https://www.outpost24.com/cve-2014-2717-attacking-the-honeywell-falcon-xlweb/ which used hashed inputs to generate secure transfer of credentials over non encrypted connections, applying the same protection scheme to its stored, and exposed, secrets.

    Don\x92t do your own cryptography.

    A bit more details, sufficient for the interested reader to recreate but not a straight forward guide, available at the provided references.

    Martin Jartelius \x96 CSO \x96 Outpost24 John Stock \x96 Technology Program Director \x96 Outpost24

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201602-0088",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "moduweb vision",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "sauter controls",
            "version": "1.5"
          },
          {
            "model": "moduweb vision",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "fr sauter",
            "version": "(ey-ws505f0x0) 1.6.0"
          },
          {
            "model": "ey-ws505f0x0 moduweb vision",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "sauter",
            "version": "1.6.0"
          },
          {
            "model": "moduweb vision",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sauter",
            "version": "1.5"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "moduweb vision",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "624a92fa-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-00979"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006867"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201602-126"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7916"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:sauter:moduweb_vision",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006867"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Martin Jartelius and John Stock of Outpost24.",
        "sources": [
          {
            "db": "BID",
            "id": "82408"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2015-7916",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CVE-2015-7916",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2016-00979",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "624a92fa-2351-11e6-abef-000c29c66e3d",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "LOW",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.3,
                "id": "CVE-2015-7916",
                "impactScore": 3.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
                "version": "3.1"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2015-7916",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2015-7916",
                "trust": 0.8,
                "value": "Low"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2016-00979",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201602-126",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "624a92fa-2351-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "624a92fa-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-00979"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006867"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201602-126"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7916"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Cross-site scripting (XSS) vulnerability in Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted query. Sauter moduWeb Vision is an embedded web-based SCADA system for HVAC. Sauter moduWeb Vision is prone to multiple security vulnerabilities:\n1. Multiple information-disclosure vulnerabilities\n2. Other attacks may also be possible. Vulnerabilities\n\n---------------\n\nCVSS 10 - INSECURE CREDENTIAL STORAGE (Pass the Hash) CVE-2015-7914\n\nCVSS 10 - INSECURE TRANSMISSION OF CREDENTIALS CVE-2015-7915\n\nCVSS 7.4 - CROSS-SITE SCRIPTING CVE-2015-7916\n\n \n\nOther risk exposures\n\n---------------\n\nUndocumented default accounts\n\n \n\nNote that default accounts with changeable passwords, even when those\nare undocumented and do not look as user accounts neither in interface\nor documentation, constitute a formal vulnerability. It is at worst a\nmisconfiguration. \n\n \n\nReferences (Source)\n\n---------------\n\nThis advisory:\n\nhttps://www.outpost24.com/critical-scada-vulnerabilities-sauter-moduweb/\n\n \n\nICS CERT:\n\nhttps://ics-cert.us-cert.gov/advisories/ICSA-16-033-01\n\n\nSummary of the issues\n---------------\nIn short \\x96 By obtaining access to a system using undocumented accounts,\nit is possible to obtain a low privilege level. \n\nBy exploiting the fact that the cashed credentials used for the\n\\x93remember me\\x94 function of the web application employ the same encryption\nas the one used for protection of passwords included in backups, a user\ncan elevate privileges to administrator level. \n\nThe backups also contain other encrypted configuration information which\ncan further an attacker\\x92s access to also affect for example email\naccounts used for notifications. \n\nBy accessing the system as an administrator, an attacker can obtain\nthose credentials in plain text from the system as they are included in\nthe configuration details, protected only by the use of \\x93password\\x94\nfield-types in the forms. \n\nIn essence this constitute a pass the hash vulnerability. Just as with\nhttps://www.outpost24.com/cve-2014-2717-attacking-the-honeywell-falcon-xlweb/\nwhich used hashed inputs to generate secure transfer of credentials over\nnon encrypted connections, applying the same protection scheme to its\nstored, and exposed, secrets. \n\n\nDon\\x92t do your own cryptography. \n\n \n\nA bit more details, sufficient for the interested reader to recreate but\nnot a straight forward guide, available at the provided references. \n\n \n\n \n\nMartin Jartelius \\x96 CSO \\x96 Outpost24\nJohn Stock \\x96 Technology Program Director \\x96 Outpost24\n\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2015-7916"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006867"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-00979"
          },
          {
            "db": "BID",
            "id": "82408"
          },
          {
            "db": "IVD",
            "id": "624a92fa-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "PACKETSTORM",
            "id": "135615"
          }
        ],
        "trust": 2.7
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2015-7916",
            "trust": 3.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-16-033-01",
            "trust": 3.4
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-00979",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201602-126",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006867",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "82408",
            "trust": 0.3
          },
          {
            "db": "IVD",
            "id": "624A92FA-2351-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "135615",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "624a92fa-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-00979"
          },
          {
            "db": "BID",
            "id": "82408"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006867"
          },
          {
            "db": "PACKETSTORM",
            "id": "135615"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201602-126"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7916"
          }
        ]
      },
      "id": "VAR-201602-0088",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "624a92fa-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-00979"
          }
        ],
        "trust": 1.8
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "624a92fa-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-00979"
          }
        ]
      },
      "last_update_date": "2025-04-13T23:03:16.466000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Web server for moduWeb Vision and moduWeb500 BACnet networks",
            "trust": 0.8,
            "url": "http://www.sauter-controls.com/en/products-sauter/product-details/pdm/ey-ws-500-web-server-for-moduweb-vision-and-moduweb500-bacnet-networks.html"
          },
          {
            "title": "Patch for Sauter moduWeb Vision Web Server Cross-Site Scripting Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/71353"
          },
          {
            "title": "Sauter EY-WS505F0x0 moduWeb Vision Fixes for cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60078"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-00979"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006867"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201602-126"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006867"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7916"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.4,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-16-033-01"
          },
          {
            "trust": 1.6,
            "url": "http://seclists.org/fulldisclosure/2016/feb/25"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7916"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7916"
          },
          {
            "trust": 0.3,
            "url": "http://www.sauter-controls.com/en.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.outpost24.com/critical-scada-vulnerabilities-sauter-moduweb/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-7916"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-7915"
          },
          {
            "trust": 0.1,
            "url": "https://www.outpost24.com/cve-2014-2717-attacking-the-honeywell-falcon-xlweb/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-7914"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-00979"
          },
          {
            "db": "BID",
            "id": "82408"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006867"
          },
          {
            "db": "PACKETSTORM",
            "id": "135615"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201602-126"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7916"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "624a92fa-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-00979"
          },
          {
            "db": "BID",
            "id": "82408"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006867"
          },
          {
            "db": "PACKETSTORM",
            "id": "135615"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201602-126"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7916"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-02-16T00:00:00",
            "db": "IVD",
            "id": "624a92fa-2351-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2016-02-16T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2016-00979"
          },
          {
            "date": "2016-02-02T00:00:00",
            "db": "BID",
            "id": "82408"
          },
          {
            "date": "2016-02-17T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-006867"
          },
          {
            "date": "2016-02-05T15:55:55",
            "db": "PACKETSTORM",
            "id": "135615"
          },
          {
            "date": "2016-02-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201602-126"
          },
          {
            "date": "2016-02-06T05:59:02.323000",
            "db": "NVD",
            "id": "CVE-2015-7916"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-02-16T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2016-00979"
          },
          {
            "date": "2016-07-05T21:21:00",
            "db": "BID",
            "id": "82408"
          },
          {
            "date": "2016-02-17T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-006867"
          },
          {
            "date": "2020-06-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201602-126"
          },
          {
            "date": "2025-04-12T10:46:40.837000",
            "db": "NVD",
            "id": "CVE-2015-7916"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201602-126"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Sauter moduWeb Vision Web Server Cross-Site Scripting Vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "624a92fa-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-00979"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "xss",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "135615"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201602-126"
          }
        ],
        "trust": 0.7
      }
    }

    VAR-201811-0102

    Vulnerability from variot - Updated: 2024-11-23 23:08

    An XXE vulnerability exists in CASE Suite Versions 3.10 and prior when processing parameter entities, which may allow remote file disclosure. CASE Suite Is XML An external entity vulnerability exists.Information may be obtained. Fr. Sauter AG CASE Suite is a software development kit for building automation systems from Swiss company Fr. Sauter AG. Sauter AG CASE Suite 3.10 and earlier. A remote attacker could use this vulnerability to cause a file leak. An attacker can exploit this issue to gain access to sensitive information from the application; this may lead to further attacks

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201811-0102",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "case suite",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "sauter controls",
            "version": "3.10"
          },
          {
            "model": "sauter ag case suite",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "fr",
            "version": "\u003c=3.10"
          },
          {
            "model": "sauter ag case suite",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fr",
            "version": "3.10"
          },
          {
            "model": "sauter ag case suite service release",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "fr",
            "version": "3.10"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "case suite",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "f1122210-9ea6-41d9-a6cd-53d3bc909e01"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-44954"
          },
          {
            "db": "BID",
            "id": "105804"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-013991"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-17912"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:sauter-controls:case_suite",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-013991"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Gjoko Krstic",
        "sources": [
          {
            "db": "BID",
            "id": "105804"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2018-17912",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2018-17912",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 7.8,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2019-44954",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "NONE",
                "baseScore": 7.8,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "f1122210-9ea6-41d9-a6cd-53d3bc909e01",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2018-17912",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-17912",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2018-17912",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-44954",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201811-024",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "f1122210-9ea6-41d9-a6cd-53d3bc909e01",
                "trust": 0.2,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "f1122210-9ea6-41d9-a6cd-53d3bc909e01"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-44954"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-013991"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201811-024"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-17912"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An XXE vulnerability exists in CASE Suite Versions 3.10 and prior when processing parameter entities, which may allow remote file disclosure. CASE Suite Is XML An external entity vulnerability exists.Information may be obtained. Fr. Sauter AG CASE Suite is a software development kit for building automation systems from Swiss company Fr. Sauter AG. Sauter AG CASE Suite 3.10 and earlier. A remote attacker could use this vulnerability to cause a file leak. \nAn attacker can exploit this issue to gain access to sensitive information from the application; this may lead to further attacks",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-17912"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-013991"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-44954"
          },
          {
            "db": "BID",
            "id": "105804"
          },
          {
            "db": "IVD",
            "id": "f1122210-9ea6-41d9-a6cd-53d3bc909e01"
          }
        ],
        "trust": 2.61
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-17912",
            "trust": 3.5
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-305-04",
            "trust": 3.3
          },
          {
            "db": "BID",
            "id": "105804",
            "trust": 1.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-44954",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201811-024",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-013991",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "F1122210-9EA6-41D9-A6CD-53D3BC909E01",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "f1122210-9ea6-41d9-a6cd-53d3bc909e01"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-44954"
          },
          {
            "db": "BID",
            "id": "105804"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-013991"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201811-024"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-17912"
          }
        ]
      },
      "id": "VAR-201811-0102",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "f1122210-9ea6-41d9-a6cd-53d3bc909e01"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-44954"
          }
        ],
        "trust": 1.55
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "f1122210-9ea6-41d9-a6cd-53d3bc909e01"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-44954"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:08:33.660000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "CASE Suite",
            "trust": 0.8,
            "url": "https://www.sauter-controls.com/en/products-sauter/product-details/pdm/gzs-100-150-case-suite.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-013991"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-611",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-013991"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-17912"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-305-04"
          },
          {
            "trust": 1.6,
            "url": "http://www.securityfocus.com/bid/105804"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-17912"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-17912"
          },
          {
            "trust": 0.3,
            "url": "https://www.sauter-controls.com/en/products-sauter/product-details/pdm/gzs-100-150-case-suite.html"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-44954"
          },
          {
            "db": "BID",
            "id": "105804"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-013991"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201811-024"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-17912"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "f1122210-9ea6-41d9-a6cd-53d3bc909e01"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-44954"
          },
          {
            "db": "BID",
            "id": "105804"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-013991"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201811-024"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-17912"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-12-11T00:00:00",
            "db": "IVD",
            "id": "f1122210-9ea6-41d9-a6cd-53d3bc909e01"
          },
          {
            "date": "2019-12-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-44954"
          },
          {
            "date": "2018-11-01T00:00:00",
            "db": "BID",
            "id": "105804"
          },
          {
            "date": "2019-03-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-013991"
          },
          {
            "date": "2018-11-02T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201811-024"
          },
          {
            "date": "2018-11-02T14:29:03.130000",
            "db": "NVD",
            "id": "CVE-2018-17912"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-12-16T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-44954"
          },
          {
            "date": "2018-11-01T00:00:00",
            "db": "BID",
            "id": "105804"
          },
          {
            "date": "2019-03-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-013991"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201811-024"
          },
          {
            "date": "2024-11-21T03:55:11.637000",
            "db": "NVD",
            "id": "CVE-2018-17912"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201811-024"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Fr. Sauter AG CASE Suite XML External entity injection vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "f1122210-9ea6-41d9-a6cd-53d3bc909e01"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-44954"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Code problem",
        "sources": [
          {
            "db": "IVD",
            "id": "f1122210-9ea6-41d9-a6cd-53d3bc909e01"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201811-024"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202210-1908

    Vulnerability from variot - Updated: 2024-08-14 15:06

    SAUTER Controls moduWeb firmware version 2.7.1 is vulnerable to reflective cross-site scripting (XSS). The web application does not adequately sanitize request strings of malicious JavaScript. An attacker utilizing XSS could then execute malicious code in users’ browsers and steal sensitive information, including user credentials. SAUTER Provided by the company moduWeb is the central monitoring device of the company's building automation system ( B-OWS : BACnet Operator Workstation )is. moduWeb contains the following vulnerabilities: * Reflected cross-site scripting (CWE-79) - CVE-2022-40190Successful exploitation of this vulnerability could result in the following effects from a remote third party: * An arbitrary script is executed on the web browser of the user who accessed the monitoring screen of the product, and sensitive information including user authentication information is stolen

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202210-1908",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "moduweb",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sauter controls",
            "version": "2.7.1"
          },
          {
            "model": "moduweb",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "fr sauter",
            "version": "moduweb  firmware  2.7.1"
          },
          {
            "model": "moduweb",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "fr sauter",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-002631"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-40190"
          }
        ]
      },
      "cve": "CVE-2022-40190",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.6,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2022-40190",
                "impactScore": 6.0,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ics-cert@hq.dhs.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2022-40190",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "OTHER",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2022-002631",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2022-40190",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "ics-cert@hq.dhs.gov",
                "id": "CVE-2022-40190",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "OTHER",
                "id": "JVNDB-2022-002631",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202210-2419",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-002631"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202210-2419"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-40190"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-40190"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "SAUTER Controls moduWeb firmware version 2.7.1 is vulnerable to reflective cross-site scripting (XSS). The web application does not adequately sanitize request strings of malicious JavaScript. An attacker utilizing XSS could then execute malicious code in users\u2019 browsers and steal sensitive information, including user credentials. SAUTER Provided by the company moduWeb is the central monitoring device of the company\u0027s building automation system ( B-OWS : BACnet Operator Workstation )is. moduWeb contains the following vulnerabilities: * Reflected cross-site scripting (CWE-79) - CVE-2022-40190Successful exploitation of this vulnerability could result in the following effects from a remote third party: * An arbitrary script is executed on the web browser of the user who accessed the monitoring screen of the product, and sensitive information including user authentication information is stolen",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-40190"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-002631"
          },
          {
            "db": "VULHUB",
            "id": "VHN-435995"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "ICS CERT",
            "id": "ICSA-22-300-02",
            "trust": 2.5
          },
          {
            "db": "NVD",
            "id": "CVE-2022-40190",
            "trust": 2.5
          },
          {
            "db": "JVN",
            "id": "JVNVU90122134",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-002631",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2022.5425",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202210-2419",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-435995",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-435995"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-002631"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202210-2419"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-40190"
          }
        ]
      },
      "id": "VAR-202210-1908",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-435995"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-08-14T15:06:05.383000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Welcome\u00a0to\u00a0SAUTER",
            "trust": 0.8,
            "url": "https://www.sauter-controls.com/en/"
          },
          {
            "title": "SAUTER Controls moduWeb Fixes for cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=212872"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-002631"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202210-2419"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.1
          },
          {
            "problemtype": "Cross-site scripting (CWE-79) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-435995"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-002631"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-40190"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-300-02"
          },
          {
            "trust": 0.8,
            "url": "https://jvn.jp/vu/jvnvu90122134"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2022.5425"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2022-40190/"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-435995"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-002631"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202210-2419"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-40190"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-435995"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-002631"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202210-2419"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-40190"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-10-31T00:00:00",
            "db": "VULHUB",
            "id": "VHN-435995"
          },
          {
            "date": "2022-10-31T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-002631"
          },
          {
            "date": "2022-10-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202210-2419"
          },
          {
            "date": "2022-10-31T21:15:12.660000",
            "db": "NVD",
            "id": "CVE-2022-40190"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-11-02T00:00:00",
            "db": "VULHUB",
            "id": "VHN-435995"
          },
          {
            "date": "2022-10-31T06:47:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-002631"
          },
          {
            "date": "2022-11-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202210-2419"
          },
          {
            "date": "2022-11-02T14:13:10.390000",
            "db": "NVD",
            "id": "CVE-2022-40190"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202210-2419"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "SAUTER\u00a0 Made \u00a0moduWeb\u00a0 Cross-site scripting vulnerability in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-002631"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202210-2419"
          }
        ],
        "trust": 0.6
      }
    }

    CVE-2023-0053 (GCVE-0-2023-0053)

    Vulnerability from nvd – Published: 2023-03-02 00:15 – Updated: 2025-01-16 21:55
    VLAI
    Title
    SAUTER Controls Nova 200–220 Series Cleartext Transmission of Sensitive Information
    Summary
    SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior have only FTP and Telnet available for device management. Any sensitive information communicated through these protocols, such as credentials, is sent in cleartext. An attacker could obtain sensitive information such as user credentials to gain access to the system.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-319 - Cleartext Transmission of Sensitive Information
    Assigner
    Impacted products
    Vendor Product Version
    SAUTER Controls Nova 220 (EYK220F001) DDC with BACnet connection Affected: Firmware all versions , ≤ 3.3-006 (custom)
    Affected: BACnetstac all versions , ≤ 4.2.1 (custom)
    Create a notification for this product.
    SAUTER Controls Nova 230 (EYK230F001) DDC with BACnet connection Affected: Firmware all versions , ≤ 3.3-006 (custom)
    Affected: BACnetstac all versions , ≤ 4.2.1 (custom)
    Create a notification for this product.
    SAUTER Controls Nova 106 (EYK300F001) BACnet communication card Affected: Firmware all versions , ≤ 3.3-006 (custom)
    Affected: BACnetstac all versions , ≤ 4.2.1 (custom)
    Create a notification for this product.
    SAUTER Controls moduNet300 (EY-AM300F001, EY-AM300F002) Affected: Firmware all versions , ≤ 3.3-006 (custom)
    Affected: BACnetstac all versions , ≤ 4.2.1 (custom)
    Create a notification for this product.
    Date Public
    2023-01-12 18:15
    Credits
    Jairo Alonso Ortiz, Aarón Flecha Menéndez and Iñaki Lázaro Ayanz of S21Sec
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T04:54:32.601Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-05"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-0053",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-16T20:56:33.933472Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-16T21:55:31.611Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Nova 220 (EYK220F001) DDC with BACnet connection",
              "vendor": "SAUTER Controls",
              "versions": [
                {
                  "lessThanOrEqual": "3.3-006",
                  "status": "affected",
                  "version": "Firmware all versions",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "4.2.1",
                  "status": "affected",
                  "version": "BACnetstac all versions",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Nova 230 (EYK230F001) DDC with BACnet connection",
              "vendor": "SAUTER Controls",
              "versions": [
                {
                  "lessThanOrEqual": "3.3-006",
                  "status": "affected",
                  "version": "Firmware all versions",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "4.2.1",
                  "status": "affected",
                  "version": "BACnetstac all versions",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Nova 106 (EYK300F001) BACnet communication card",
              "vendor": "SAUTER Controls",
              "versions": [
                {
                  "lessThanOrEqual": "3.3-006",
                  "status": "affected",
                  "version": "Firmware all versions",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "4.2.1",
                  "status": "affected",
                  "version": "BACnetstac all versions",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "moduNet300 (EY-AM300F001, EY-AM300F002)",
              "vendor": "SAUTER Controls",
              "versions": [
                {
                  "lessThanOrEqual": "3.3-006",
                  "status": "affected",
                  "version": "Firmware all versions",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "4.2.1",
                  "status": "affected",
                  "version": "BACnetstac all versions",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Jairo Alonso Ortiz, Aar\u00f3n Flecha Men\u00e9ndez and I\u00f1aki L\u00e1zaro Ayanz of S21Sec"
            }
          ],
          "datePublic": "2023-01-12T18:15:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\nSAUTER Controls Nova 200\u2013220 Series with firmware version 3.3-006 and \nprior and BACnetstac version 4.2.1 and prior have only FTP and Telnet \navailable for device management. Any sensitive information communicated \nthrough these protocols, such as credentials, is sent in cleartext. An \nattacker could obtain sensitive information such as user credentials to \ngain access to the system. \n\n\u003c/p\u003e"
                }
              ],
              "value": "SAUTER Controls Nova 200\u2013220 Series with firmware version 3.3-006 and \nprior and BACnetstac version 4.2.1 and prior have only FTP and Telnet \navailable for device management. Any sensitive information communicated \nthrough these protocols, such as credentials, is sent in cleartext. An \nattacker could obtain sensitive information such as user credentials to \ngain access to the system. \n\n\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-319",
                  "description": "CWE-319 Cleartext Transmission of Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-26T23:18:13.533Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-05"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "SAUTER Controls Nova 200\u2013220 Series Cleartext Transmission of Sensitive Information",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\u003cp\u003eSAUTER Controls has stated that this product line is no longer \nsupported, as it was discontinued in 2016. SAUTER Controls recommends \nusers take all necessary measures to protect the integrity of building \nautomation network access, using all appropriate means and policies to \nminimize risks. Sauter Controls recommends users evaluate and upgrade \nlegacy systems to current solutions where necessary. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003eAffected users should contact \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.sauter-controls.com/\"\u003eSAUTER Controls\u003c/a\u003e\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003efor instructions on upgrading legacy systems.\u003c/span\u003e\u003c/p\u003e"
                }
              ],
              "value": "SAUTER Controls has stated that this product line is no longer \nsupported, as it was discontinued in 2016. SAUTER Controls recommends \nusers take all necessary measures to protect the integrity of building \nautomation network access, using all appropriate means and policies to \nminimize risks. Sauter Controls recommends users evaluate and upgrade \nlegacy systems to current solutions where necessary. \u00a0\n\n\nAffected users should contact  SAUTER Controls https://www.sauter-controls.com/ \u00a0for instructions on upgrading legacy systems.\n\n"
            }
          ],
          "x_generator": {
            "engine": "VINCE 2.0.5",
            "env": "prod",
            "origin": "https://cveawg.mitre.org/api/cve/CVE-2023-0052"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2023-0053",
        "datePublished": "2023-03-02T00:15:49.817Z",
        "dateReserved": "2023-01-04T16:24:06.705Z",
        "dateUpdated": "2025-01-16T21:55:31.611Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-0052 (GCVE-0-2023-0052)

    Vulnerability from nvd – Published: 2023-01-20 21:23 – Updated: 2025-01-16 21:59
    VLAI
    Title
    SAUTER Controls Nova 200–220 Series Missing Authentication for Critical Function
    Summary
    SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior allows the execution of commands without credentials. As Telnet and file transfer protocol (FTP) are the only protocols available for device management, an unauthorized user could access the system and modify the device configuration, which could result in the unauthorized user executing unrestricted malicious commands.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-306 - Missing Authentication for Critical Function
    Assigner
    Impacted products
    Vendor Product Version
    SAUTER Controls Nova 220 (EYK220F001) DDC with BACnet connection Affected: Firmware all versions , ≤ 3.3-006 (custom)
    Affected: BACnetstac all versions , ≤ 4.2.1 (custom)
    Create a notification for this product.
    SAUTER Controls Nova 230 (EYK230F001) DDC with BACnet connection Affected: Firmware all versions , ≤ 3.3-006 (custom)
    Affected: BACnetstac all versions , ≤ 4.2.1 (custom)
    Create a notification for this product.
    SAUTER Controls Nova 106 (EYK300F001) BACnet communication card Affected: Firmware all versions , ≤ 3.3-006 (custom)
    Affected: BACnetstac all versions , ≤ 4.2.1 (custom)
    Create a notification for this product.
    SAUTER Controls moduNet300 (EY-AM300F001, EY-AM300F002) Affected: Firmware all versions , ≤ 3.3-006 (custom)
    Affected: BACnetstac all versions , ≤ 4.2.1 (custom)
    Create a notification for this product.
    Date Public
    2023-01-12 18:15
    Credits
    Jairo Alonso Ortiz, Aarón Flecha Menéndez and Iñaki Lázaro Ayanz of S21Sec
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T04:54:32.667Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-05"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-0052",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-16T20:59:16.761958Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-16T21:59:17.430Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Nova 220 (EYK220F001) DDC with BACnet connection",
              "vendor": "SAUTER Controls",
              "versions": [
                {
                  "lessThanOrEqual": "3.3-006",
                  "status": "affected",
                  "version": "Firmware all versions",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "4.2.1",
                  "status": "affected",
                  "version": "BACnetstac all versions",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Nova 230 (EYK230F001) DDC with BACnet connection",
              "vendor": "SAUTER Controls",
              "versions": [
                {
                  "lessThanOrEqual": "3.3-006",
                  "status": "affected",
                  "version": "Firmware all versions",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "4.2.1",
                  "status": "affected",
                  "version": "BACnetstac all versions",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Nova 106 (EYK300F001) BACnet communication card",
              "vendor": "SAUTER Controls",
              "versions": [
                {
                  "lessThanOrEqual": "3.3-006",
                  "status": "affected",
                  "version": "Firmware all versions",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "4.2.1",
                  "status": "affected",
                  "version": "BACnetstac all versions",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "moduNet300 (EY-AM300F001, EY-AM300F002)",
              "vendor": "SAUTER Controls",
              "versions": [
                {
                  "lessThanOrEqual": "3.3-006",
                  "status": "affected",
                  "version": "Firmware all versions",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "4.2.1",
                  "status": "affected",
                  "version": "BACnetstac all versions",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Jairo Alonso Ortiz, Aar\u00f3n Flecha Men\u00e9ndez and I\u00f1aki L\u00e1zaro Ayanz of S21Sec"
            }
          ],
          "datePublic": "2023-01-12T18:15:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eSAUTER Controls Nova 200\u2013220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior allows the execution of commands without credentials. As Telnet and file transfer protocol (FTP) are the only protocols available for device management, an unauthorized user could access the system and modify the device configuration, which could result in the unauthorized user executing unrestricted malicious commands.\u003c/p\u003e"
                }
              ],
              "value": "SAUTER Controls Nova 200\u2013220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior allows the execution of commands without credentials. As Telnet and file transfer protocol (FTP) are the only protocols available for device management, an unauthorized user could access the system and modify the device configuration, which could result in the unauthorized user executing unrestricted malicious commands.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-306",
                  "description": "CWE-306 Missing Authentication for Critical Function",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-26T23:15:06.756Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-05"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "SAUTER Controls Nova 200\u2013220 Series Missing Authentication for Critical Function",
          "x_generator": {
            "engine": "VINCE 2.0.5",
            "env": "prod",
            "origin": "https://cveawg.mitre.org/api/cve/CVE-2023-0052"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2023-0052",
        "datePublished": "2023-01-20T21:23:08.018Z",
        "dateReserved": "2023-01-04T16:24:05.161Z",
        "dateUpdated": "2025-01-16T21:59:17.430Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-40190 (GCVE-0-2022-40190)

    Vulnerability from nvd – Published: 2022-10-31 20:14 – Updated: 2025-04-16 17:43
    VLAI
    Summary
    SAUTER Controls moduWeb firmware version 2.7.1 is vulnerable to reflective cross-site scripting (XSS). The web application does not adequately sanitize request strings of malicious JavaScript. An attacker utilizing XSS could then execute malicious code in users’ browsers and steal sensitive information, including user credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Cross-site Scripting (XSS)
    Assigner
    Impacted products
    Vendor Product Version
    SAUTER Controls moduWeb Affected: firmware Version 2.7.1
    Create a notification for this product.
    Date Public
    2022-10-27 00:00
    Credits
    Ithaca Labs of Odyssey Cyber Security reported this vulnerability.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:14:39.857Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-300-02"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-40190",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-16T17:26:09.761346Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-16T17:43:26.696Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "moduWeb",
              "vendor": "SAUTER Controls",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware Version 2.7.1"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Ithaca Labs of Odyssey Cyber Security reported this vulnerability."
            }
          ],
          "datePublic": "2022-10-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SAUTER Controls moduWeb firmware version 2.7.1 is vulnerable to reflective cross-site scripting (XSS). The web application does not adequately sanitize request strings of malicious JavaScript. An attacker utilizing XSS could then execute malicious code in users\u2019 browsers and steal sensitive information, including user credentials."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Cross-site Scripting (XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-31T00:00:00.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-300-02"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2022-40190",
        "datePublished": "2022-10-31T20:14:59.780Z",
        "dateReserved": "2022-09-29T00:00:00.000Z",
        "dateUpdated": "2025-04-16T17:43:26.696Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-0053 (GCVE-0-2023-0053)

    Vulnerability from cvelistv5 – Published: 2023-03-02 00:15 – Updated: 2025-01-16 21:55
    VLAI
    Title
    SAUTER Controls Nova 200–220 Series Cleartext Transmission of Sensitive Information
    Summary
    SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior have only FTP and Telnet available for device management. Any sensitive information communicated through these protocols, such as credentials, is sent in cleartext. An attacker could obtain sensitive information such as user credentials to gain access to the system.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-319 - Cleartext Transmission of Sensitive Information
    Assigner
    Impacted products
    Vendor Product Version
    SAUTER Controls Nova 220 (EYK220F001) DDC with BACnet connection Affected: Firmware all versions , ≤ 3.3-006 (custom)
    Affected: BACnetstac all versions , ≤ 4.2.1 (custom)
    Create a notification for this product.
    SAUTER Controls Nova 230 (EYK230F001) DDC with BACnet connection Affected: Firmware all versions , ≤ 3.3-006 (custom)
    Affected: BACnetstac all versions , ≤ 4.2.1 (custom)
    Create a notification for this product.
    SAUTER Controls Nova 106 (EYK300F001) BACnet communication card Affected: Firmware all versions , ≤ 3.3-006 (custom)
    Affected: BACnetstac all versions , ≤ 4.2.1 (custom)
    Create a notification for this product.
    SAUTER Controls moduNet300 (EY-AM300F001, EY-AM300F002) Affected: Firmware all versions , ≤ 3.3-006 (custom)
    Affected: BACnetstac all versions , ≤ 4.2.1 (custom)
    Create a notification for this product.
    Date Public
    2023-01-12 18:15
    Credits
    Jairo Alonso Ortiz, Aarón Flecha Menéndez and Iñaki Lázaro Ayanz of S21Sec
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T04:54:32.601Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-05"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-0053",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-16T20:56:33.933472Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-16T21:55:31.611Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Nova 220 (EYK220F001) DDC with BACnet connection",
              "vendor": "SAUTER Controls",
              "versions": [
                {
                  "lessThanOrEqual": "3.3-006",
                  "status": "affected",
                  "version": "Firmware all versions",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "4.2.1",
                  "status": "affected",
                  "version": "BACnetstac all versions",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Nova 230 (EYK230F001) DDC with BACnet connection",
              "vendor": "SAUTER Controls",
              "versions": [
                {
                  "lessThanOrEqual": "3.3-006",
                  "status": "affected",
                  "version": "Firmware all versions",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "4.2.1",
                  "status": "affected",
                  "version": "BACnetstac all versions",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Nova 106 (EYK300F001) BACnet communication card",
              "vendor": "SAUTER Controls",
              "versions": [
                {
                  "lessThanOrEqual": "3.3-006",
                  "status": "affected",
                  "version": "Firmware all versions",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "4.2.1",
                  "status": "affected",
                  "version": "BACnetstac all versions",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "moduNet300 (EY-AM300F001, EY-AM300F002)",
              "vendor": "SAUTER Controls",
              "versions": [
                {
                  "lessThanOrEqual": "3.3-006",
                  "status": "affected",
                  "version": "Firmware all versions",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "4.2.1",
                  "status": "affected",
                  "version": "BACnetstac all versions",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Jairo Alonso Ortiz, Aar\u00f3n Flecha Men\u00e9ndez and I\u00f1aki L\u00e1zaro Ayanz of S21Sec"
            }
          ],
          "datePublic": "2023-01-12T18:15:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\nSAUTER Controls Nova 200\u2013220 Series with firmware version 3.3-006 and \nprior and BACnetstac version 4.2.1 and prior have only FTP and Telnet \navailable for device management. Any sensitive information communicated \nthrough these protocols, such as credentials, is sent in cleartext. An \nattacker could obtain sensitive information such as user credentials to \ngain access to the system. \n\n\u003c/p\u003e"
                }
              ],
              "value": "SAUTER Controls Nova 200\u2013220 Series with firmware version 3.3-006 and \nprior and BACnetstac version 4.2.1 and prior have only FTP and Telnet \navailable for device management. Any sensitive information communicated \nthrough these protocols, such as credentials, is sent in cleartext. An \nattacker could obtain sensitive information such as user credentials to \ngain access to the system. \n\n\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-319",
                  "description": "CWE-319 Cleartext Transmission of Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-26T23:18:13.533Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-05"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "SAUTER Controls Nova 200\u2013220 Series Cleartext Transmission of Sensitive Information",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\u003cp\u003eSAUTER Controls has stated that this product line is no longer \nsupported, as it was discontinued in 2016. SAUTER Controls recommends \nusers take all necessary measures to protect the integrity of building \nautomation network access, using all appropriate means and policies to \nminimize risks. Sauter Controls recommends users evaluate and upgrade \nlegacy systems to current solutions where necessary. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003eAffected users should contact \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.sauter-controls.com/\"\u003eSAUTER Controls\u003c/a\u003e\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003efor instructions on upgrading legacy systems.\u003c/span\u003e\u003c/p\u003e"
                }
              ],
              "value": "SAUTER Controls has stated that this product line is no longer \nsupported, as it was discontinued in 2016. SAUTER Controls recommends \nusers take all necessary measures to protect the integrity of building \nautomation network access, using all appropriate means and policies to \nminimize risks. Sauter Controls recommends users evaluate and upgrade \nlegacy systems to current solutions where necessary. \u00a0\n\n\nAffected users should contact  SAUTER Controls https://www.sauter-controls.com/ \u00a0for instructions on upgrading legacy systems.\n\n"
            }
          ],
          "x_generator": {
            "engine": "VINCE 2.0.5",
            "env": "prod",
            "origin": "https://cveawg.mitre.org/api/cve/CVE-2023-0052"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2023-0053",
        "datePublished": "2023-03-02T00:15:49.817Z",
        "dateReserved": "2023-01-04T16:24:06.705Z",
        "dateUpdated": "2025-01-16T21:55:31.611Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-0052 (GCVE-0-2023-0052)

    Vulnerability from cvelistv5 – Published: 2023-01-20 21:23 – Updated: 2025-01-16 21:59
    VLAI
    Title
    SAUTER Controls Nova 200–220 Series Missing Authentication for Critical Function
    Summary
    SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior allows the execution of commands without credentials. As Telnet and file transfer protocol (FTP) are the only protocols available for device management, an unauthorized user could access the system and modify the device configuration, which could result in the unauthorized user executing unrestricted malicious commands.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-306 - Missing Authentication for Critical Function
    Assigner
    Impacted products
    Vendor Product Version
    SAUTER Controls Nova 220 (EYK220F001) DDC with BACnet connection Affected: Firmware all versions , ≤ 3.3-006 (custom)
    Affected: BACnetstac all versions , ≤ 4.2.1 (custom)
    Create a notification for this product.
    SAUTER Controls Nova 230 (EYK230F001) DDC with BACnet connection Affected: Firmware all versions , ≤ 3.3-006 (custom)
    Affected: BACnetstac all versions , ≤ 4.2.1 (custom)
    Create a notification for this product.
    SAUTER Controls Nova 106 (EYK300F001) BACnet communication card Affected: Firmware all versions , ≤ 3.3-006 (custom)
    Affected: BACnetstac all versions , ≤ 4.2.1 (custom)
    Create a notification for this product.
    SAUTER Controls moduNet300 (EY-AM300F001, EY-AM300F002) Affected: Firmware all versions , ≤ 3.3-006 (custom)
    Affected: BACnetstac all versions , ≤ 4.2.1 (custom)
    Create a notification for this product.
    Date Public
    2023-01-12 18:15
    Credits
    Jairo Alonso Ortiz, Aarón Flecha Menéndez and Iñaki Lázaro Ayanz of S21Sec
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T04:54:32.667Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-05"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-0052",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-16T20:59:16.761958Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-16T21:59:17.430Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Nova 220 (EYK220F001) DDC with BACnet connection",
              "vendor": "SAUTER Controls",
              "versions": [
                {
                  "lessThanOrEqual": "3.3-006",
                  "status": "affected",
                  "version": "Firmware all versions",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "4.2.1",
                  "status": "affected",
                  "version": "BACnetstac all versions",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Nova 230 (EYK230F001) DDC with BACnet connection",
              "vendor": "SAUTER Controls",
              "versions": [
                {
                  "lessThanOrEqual": "3.3-006",
                  "status": "affected",
                  "version": "Firmware all versions",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "4.2.1",
                  "status": "affected",
                  "version": "BACnetstac all versions",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Nova 106 (EYK300F001) BACnet communication card",
              "vendor": "SAUTER Controls",
              "versions": [
                {
                  "lessThanOrEqual": "3.3-006",
                  "status": "affected",
                  "version": "Firmware all versions",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "4.2.1",
                  "status": "affected",
                  "version": "BACnetstac all versions",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "moduNet300 (EY-AM300F001, EY-AM300F002)",
              "vendor": "SAUTER Controls",
              "versions": [
                {
                  "lessThanOrEqual": "3.3-006",
                  "status": "affected",
                  "version": "Firmware all versions",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "4.2.1",
                  "status": "affected",
                  "version": "BACnetstac all versions",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Jairo Alonso Ortiz, Aar\u00f3n Flecha Men\u00e9ndez and I\u00f1aki L\u00e1zaro Ayanz of S21Sec"
            }
          ],
          "datePublic": "2023-01-12T18:15:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eSAUTER Controls Nova 200\u2013220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior allows the execution of commands without credentials. As Telnet and file transfer protocol (FTP) are the only protocols available for device management, an unauthorized user could access the system and modify the device configuration, which could result in the unauthorized user executing unrestricted malicious commands.\u003c/p\u003e"
                }
              ],
              "value": "SAUTER Controls Nova 200\u2013220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior allows the execution of commands without credentials. As Telnet and file transfer protocol (FTP) are the only protocols available for device management, an unauthorized user could access the system and modify the device configuration, which could result in the unauthorized user executing unrestricted malicious commands.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-306",
                  "description": "CWE-306 Missing Authentication for Critical Function",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-26T23:15:06.756Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-05"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "SAUTER Controls Nova 200\u2013220 Series Missing Authentication for Critical Function",
          "x_generator": {
            "engine": "VINCE 2.0.5",
            "env": "prod",
            "origin": "https://cveawg.mitre.org/api/cve/CVE-2023-0052"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2023-0052",
        "datePublished": "2023-01-20T21:23:08.018Z",
        "dateReserved": "2023-01-04T16:24:05.161Z",
        "dateUpdated": "2025-01-16T21:59:17.430Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-40190 (GCVE-0-2022-40190)

    Vulnerability from cvelistv5 – Published: 2022-10-31 20:14 – Updated: 2025-04-16 17:43
    VLAI
    Summary
    SAUTER Controls moduWeb firmware version 2.7.1 is vulnerable to reflective cross-site scripting (XSS). The web application does not adequately sanitize request strings of malicious JavaScript. An attacker utilizing XSS could then execute malicious code in users’ browsers and steal sensitive information, including user credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Cross-site Scripting (XSS)
    Assigner
    Impacted products
    Vendor Product Version
    SAUTER Controls moduWeb Affected: firmware Version 2.7.1
    Create a notification for this product.
    Date Public
    2022-10-27 00:00
    Credits
    Ithaca Labs of Odyssey Cyber Security reported this vulnerability.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:14:39.857Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-300-02"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-40190",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-16T17:26:09.761346Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-16T17:43:26.696Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "moduWeb",
              "vendor": "SAUTER Controls",
              "versions": [
                {
                  "status": "affected",
                  "version": "firmware Version 2.7.1"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Ithaca Labs of Odyssey Cyber Security reported this vulnerability."
            }
          ],
          "datePublic": "2022-10-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SAUTER Controls moduWeb firmware version 2.7.1 is vulnerable to reflective cross-site scripting (XSS). The web application does not adequately sanitize request strings of malicious JavaScript. An attacker utilizing XSS could then execute malicious code in users\u2019 browsers and steal sensitive information, including user credentials."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Cross-site Scripting (XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-31T00:00:00.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-300-02"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2022-40190",
        "datePublished": "2022-10-31T20:14:59.780Z",
        "dateReserved": "2022-09-29T00:00:00.000Z",
        "dateUpdated": "2025-04-16T17:43:26.696Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }