SCADA Vulnerabilities & Exposures (SVE)

CRITIFENCE® SCADA Vulnerabilities and Exposures Database (SVE)

[SVE-796903751] LOYTEC LVIS-3ME

Date: 2017-09-14
Type: Other
Platform: LOYTEC
Author: Davy Douhine of RandoriSec reported the vulnerabilities to ICS-CERT.
EDB-ID: N/A
CVE-ID: CVE-2017-1399 CVE-2017-1399 CVE-2017-1399 CVE-2017-1399
OSVDB-ID: N/A
Download App: N/A
SIS Signature: N/A

Source

#
# LOYTEC LVIS-3ME
#


### VULNERABLE VENDOR
LOYTEC


### VULNERABLE PRODUCT
LVIS-3ME



### RESEARCHER
Davy Douhine of RandoriSec reported the vulnerabilities to ICS-CERT.



### AFFECTED PRODUCTS

The following versions of LVIS-3ME, an HMI Touch Panel, are affected:

LVIS-3ME versions prior to 6.2.0



### IMPACT

Successful exploitation of these vulnerabilities may result in information exposure or allow arbitrary code execution.



### VULNERABILITY OVERVIEW

RELATIVE PATH TRAVERSAL CWE-23
The web user interface fails to prevent access to critical files that non-administrative users should not have access to, which could allow an attacker to create or modify files or execute arbitrary code.
CVE-2017-13996 has been assigned to this vulnerability.
A CVSS v3 base score of 7.6 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L)


INSUFFICIENT ENTROPY CWE-331
The application does not utilize sufficiently random number generation for the web interface authentication mechanism, which could allow remote code execution.
CVE-2017-13992 has been assigned to this vulnerability.
A CVSS v3 base score of 8.1 has been assigned; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)


IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION ('CROSS-SITE SCRIPTING') CWE-79
The web interface lacks proper web request validation, which could allow XSS attacks to occur if an authenticated user of the web interface is tricked into clicking a malicious link.
CVE-2017-13994 has been assigned to this vulnerability.
A CVSS v3 base score of 7.6 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L)


INSUFFICIENTLY PROTECTED CREDENTIALS CWE-522
The application does not sufficiently protect sensitive information from unauthorized access.
CVE-2017-13998 has been assigned to this vulnerability.
A CVSS v3 base score of 7.5 has been assigned; the CVSS vector string is (AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
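
For triage, the four vector strings above can be recomputed and checked against the listed base scores. The following is an added example, not part of the original advisory or any vendor tooling: the function names are hypothetical, the weights and formulas are those of the CVSS v3 specification (with the v3.1 integer round-up), and it goes beyond this advisory's vectors by also handling changed scope (S:C).

```python
import math

# Base-metric weights from the CVSS v3 specification.
CIA = {"H": 0.56, "L": 0.22, "N": 0.0}
W = {"AV": {"N": 0.85, "A": 0.62, "L": 0.55, "P": 0.2},
     "AC": {"L": 0.77, "H": 0.44}, "UI": {"N": 0.85, "R": 0.62},
     "S": {"U": False, "C": True}, "C": CIA, "I": CIA, "A": CIA}
PR = {False: {"N": 0.85, "L": 0.62, "H": 0.27},  # scope unchanged
      True: {"N": 0.85, "L": 0.68, "H": 0.5}}    # scope changed

# Vectors and scores exactly as listed in this advisory.
ADVISORY = {
    "CVE-2017-13996": ("(AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L)", 7.6),
    "CVE-2017-13992": ("(AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)", 8.1),
    "CVE-2017-13994": ("(AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L)", 7.6),
    "CVE-2017-13998": ("(AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)", 7.5),
}

def parse_vector(text):
    """Return {metric: value}; reject unknown, duplicate or missing metrics."""
    metrics = {}
    for part in text.strip().strip("()").split("/"):
        key, _, val = part.partition(":")
        if key == "CVSS":  # optional "CVSS:3.x" prefix
            continue
        valid = PR[False] if key == "PR" else W.get(key, {})
        if val not in valid or key in metrics:
            raise ValueError(f"bad metric {part!r}")
        metrics[key] = val
    if set(metrics) != set(W) | {"PR"}:
        raise ValueError("missing base metrics")
    return metrics

def roundup(x):
    """Round up to one decimal place without floating-point drift."""
    i = round(x * 100000)
    return i / 100000.0 if i % 10000 == 0 else (math.floor(i / 10000) + 1) / 10.0

def base_score(text):
    m = parse_vector(text)
    changed = W["S"][m["S"]]
    iss = 1 - (1 - W["C"][m["C"]]) * (1 - W["I"][m["I"]]) * (1 - W["A"][m["A"]])
    impact = 7.52 * (iss - 0.029) - 3.25 * (iss - 0.02) ** 15 if changed else 6.42 * iss
    expl = 8.22 * W["AV"][m["AV"]] * W["AC"][m["AC"]] * PR[changed][m["PR"]] * W["UI"][m["UI"]]
    total = 1.08 * (impact + expl) if changed else impact + expl
    return 0.0 if impact <= 0 else roundup(min(total, 10))

def check_advisory():  # maps each CVE to (computed score, listed score)
    return {cve: (base_score(vec), listed) for cve, (vec, listed) in ADVISORY.items()}
```

All four computed scores agree with the values listed in the advisory; a mismatch in a feed entry would indicate a transcription error in either the vector or the score.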





### BACKGROUND

Critical Infrastructure Sectors: Critical Manufacturing, Energy
Countries/Areas Deployed: Worldwide
Company Headquarters Location: Austria




### MITIGATION

LOYTEC has released a firmware update, V6.2.0, to address these vulnerabilities. LOYTEC recommends that users update to the latest firmware, which is available by accessing an account at the following location:

https://www.loytec.com/support/download/