VAR-201608-0459
Vulnerability from variot - Updated: 2022-05-17 02:08This vulnerability allows attackers to escalate their privilege to system administrator on vulnerable installations of ABB DataManagerPro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the file permissions set during product installation. The World account is set to have full rights to the directory that contains the binaries that are executed by system administrators. File substitution would then allow a standard user on the system to replace code that is subsequently run by a system administrator. ABB DataManagerPro is a set of data analysis software from Swiss ABB company. The software can automatically collect data via Ethernet and database management. A local attacker could use this vulnerability to gain elevated permissions
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "datamanagerpro",
"scope": null,
"trust": 1.3,
"vendor": "abb",
"version": null
},
{
"_id": null,
"model": "datamanagerpro",
"scope": "eq",
"trust": 0.3,
"vendor": "abb",
"version": "0"
},
{
"_id": null,
"model": "datamanagerpro",
"scope": "eq",
"trust": 0.2,
"vendor": "abb",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "c527e41d-f965-4aff-bbf7-2c4b92c9b06e"
},
{
"db": "ZDI",
"id": "ZDI-16-479"
},
{
"db": "CNVD",
"id": "CNVD-2016-06458"
},
{
"db": "BID",
"id": "92531"
}
]
},
"credits": {
"_id": null,
"data": "rgod",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-479"
}
],
"trust": 0.7
},
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.1,
"id": "ZDI-16-479",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.1,
"id": "CNVD-2016-06458",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.1,
"id": "c527e41d-f965-4aff-bbf7-2c4b92c9b06e",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "ZDI",
"id": "ZDI-16-479",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2016-06458",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "c527e41d-f965-4aff-bbf7-2c4b92c9b06e",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "c527e41d-f965-4aff-bbf7-2c4b92c9b06e"
},
{
"db": "ZDI",
"id": "ZDI-16-479"
},
{
"db": "CNVD",
"id": "CNVD-2016-06458"
}
]
},
"description": {
"_id": null,
"data": "This vulnerability allows attackers to escalate their privilege to system administrator on vulnerable installations of ABB DataManagerPro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the file permissions set during product installation. The World account is set to have full rights to the directory that contains the binaries that are executed by system administrators. File substitution would then allow a standard user on the system to replace code that is subsequently run by a system administrator. ABB DataManagerPro is a set of data analysis software from Swiss ABB company. The software can automatically collect data via Ethernet and database management. A local attacker could use this vulnerability to gain elevated permissions",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-479"
},
{
"db": "CNVD",
"id": "CNVD-2016-06458"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-387"
},
{
"db": "BID",
"id": "92531"
},
{
"db": "IVD",
"id": "c527e41d-f965-4aff-bbf7-2c4b92c9b06e"
}
],
"trust": 2.16
},
"external_ids": {
"_id": null,
"data": [
{
"db": "ZDI",
"id": "ZDI-16-479",
"trust": 1.6
},
{
"db": "BID",
"id": "92531",
"trust": 1.5
},
{
"db": "CNVD",
"id": "CNVD-2016-06458",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3500",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201608-387",
"trust": 0.6
},
{
"db": "IVD",
"id": "C527E41D-F965-4AFF-BBF7-2C4B92C9B06E",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "c527e41d-f965-4aff-bbf7-2c4b92c9b06e"
},
{
"db": "ZDI",
"id": "ZDI-16-479"
},
{
"db": "CNVD",
"id": "CNVD-2016-06458"
},
{
"db": "BID",
"id": "92531"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-387"
}
]
},
"id": "VAR-201608-0459",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "c527e41d-f965-4aff-bbf7-2c4b92c9b06e"
},
{
"db": "CNVD",
"id": "CNVD-2016-06458"
}
],
"trust": 1.51428573
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "c527e41d-f965-4aff-bbf7-2c4b92c9b06e"
},
{
"db": "CNVD",
"id": "CNVD-2016-06458"
}
]
},
"last_update_date": "2022-05-17T02:08:05.424000Z",
"references": {
"_id": null,
"data": [
{
"trust": 0.9,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-479/"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/92531"
},
{
"trust": 0.3,
"url": "http://www.abb.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06458"
},
{
"db": "BID",
"id": "92531"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-387"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "c527e41d-f965-4aff-bbf7-2c4b92c9b06e",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-16-479",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2016-06458",
"ident": null
},
{
"db": "BID",
"id": "92531",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201608-387",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2016-08-20T00:00:00",
"db": "IVD",
"id": "c527e41d-f965-4aff-bbf7-2c4b92c9b06e",
"ident": null
},
{
"date": "2016-08-17T00:00:00",
"db": "ZDI",
"id": "ZDI-16-479",
"ident": null
},
{
"date": "2016-08-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-06458",
"ident": null
},
{
"date": "2016-08-17T00:00:00",
"db": "BID",
"id": "92531",
"ident": null
},
{
"date": "2016-08-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-387",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2016-08-17T00:00:00",
"db": "ZDI",
"id": "ZDI-16-479",
"ident": null
},
{
"date": "2016-08-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-06458",
"ident": null
},
{
"date": "2016-08-17T00:00:00",
"db": "BID",
"id": "92531",
"ident": null
},
{
"date": "2016-08-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-387",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "local",
"sources": [
{
"db": "BID",
"id": "92531"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-387"
}
],
"trust": 0.9
},
"title": {
"_id": null,
"data": "(0Day) ABB DataManagerPro File Permissions Privilege Escalation Vulnerability",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-479"
}
],
"trust": 0.7
},
"type": {
"_id": null,
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201608-387"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…