SCADA Vulnerabilities & Exposures (SVE)

CRITIFENCE® SCADA Vulnerabilities and Exposures Database (SVE)

[SVE-778931886] Schneider Electric VAMPSET

Date Type Platform Author EDB-ID CVE-ID OSVDB-ID Download App SIS Signature
2017-05-16OtherSchneider ElectricKushal Arvind Shah from Fortinets Fortiguard Labs reported this vulnerability directly to Schneider Electric. N/ACVE-2017-7967 N/AN/AN/A

Source

						
							
								
#
# Schneider Electric VAMPSET
#


### VULNERABLE VENDOR
Schneider Electric


### VULNERABLE PRODUCT
VAMPSET



### RESEARCHER
Kushal Arvind Shah from Fortinet's Fortiguard Labs reported this vulnerability directly to Schneider Electric.



### AFFECTED PRODUCTS

Schneider Electric reports that the vulnerability affects the following VAMPSET setting and configuration software products:

VAMPSET, versions prior to v2.2.189



### IMPACT

Successful exploitation of this vulnerability could allow a local attacker to cause the software to enter a denial-of-service condition. The Windows operating system remains operational through the attack.



### VULNERABILITY OVERVIEW

IMPROPER INPUT VALIDATION CWE-20
VAMPSET is susceptible to a memory corruption vulnerability when a corrupted settings file is loaded.
This vulnerability causes the software to halt or not start when trying to open the corrupted file.
CVE-2017-7967 has been assigned to this vulnerability.
A CVSS v3 base score of 5.6 has been assigned; the CVSS vector string is (AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H)





### BACKGROUND

Critical Infrastructure Sectors: Energy
Countries/Areas Deployed: Worldwide
Company Headquarters Location: France




### MITIGATION

Schneider Electric has updated the VAMPSET tool in order to recognize malformed setting files. A new version of firmware with the fix for this vulnerability is available for download at the following location:

http://www.schneider-electric.com/en/download/document/VAMPSET_v2.2.191/


After the new version of firmware is installed, when a malformed file is loaded VAMPSET will remain operational and report to the user: "Cannot open file."
Schneider Electric has issued Security Notification SEVD-2017-061-01, which contains additional information:

http://www.schneider-electric.com/en/download/document/SEVD-2017-061-01/