Schneider Electric Modicon Incorrect Default Permissions (CVE-2018-7822)

2023-03-0100:00:00

www.tenable.com

schneider electric modicon m221

incorrect default permissions

somachine basic

unauthorized access

tenable.ot

5.5 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.1%

JSON

An Incorrect Default Permissions (CWE-276) vulnerability exists in SoMachine Basic, all versions, and Modicon M221(all references, all versions prior to firmware V1.10.0.0) which could cause unauthorized access to SoMachine Basic resource files when logged on the system hosting SoMachine Basic.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(500861);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/24");

  script_cve_id("CVE-2018-7822");

  script_name(english:"Schneider Electric Modicon Incorrect Default Permissions (CVE-2018-7822)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"An Incorrect Default Permissions (CWE-276) vulnerability exists in
SoMachine Basic, all versions, and Modicon M221(all references, all
versions prior to firmware V1.10.0.0) which could cause unauthorized
access to SoMachine Basic resource files when logged on the system
hosting SoMachine Basic.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  # https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2019-045-01
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?76aba565");
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-7822");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(276);

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/05/22");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/05/22");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/03/01");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:modicon_m221_series_firmware");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Schneider");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Schneider');

var asset = tenable_ot::assets::get(vendor:'Schneider');

var vuln_cpes = {
    "cpe:/o:schneider-electric:modicon_m221_series_firmware" :
        {"versionEndExcluding" : "1.10.0.0", "family" : "ModiconM221"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_NOTE);

VendorProductVersionCPE
schneider-electricmodicon_m221_series_firmwarecpe:/o:schneider-electric:modicon_m221_series_firmware

Vendor	Product	Version	CPE
schneider-electric	modicon_m221_series_firmware		cpe:/o:schneider-electric:modicon_m221_series_firmware

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7822

www.nessus.org/u?76aba565