Schneider Electric Modicon Improper Check for Unusual or Exceptional Conditions (CVE-2023-25619)

2023-05-1600:00:00

www.tenable.com

schneider electric

modicon

denial of service

vulnerability

modbus tcp protocol

0.001 Low

EPSS

Percentile

23.1%

JSON

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause denial of service of the controller when communicating over the Modbus TCP protocol.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(501143);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/08/22");

  script_cve_id("CVE-2023-25619");

  script_name(english:"Schneider Electric Modicon Improper Check for Unusual or Exceptional Conditions (CVE-2023-25619)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"A CWE-754: Improper Check for Unusual or Exceptional Conditions
vulnerability exists that could cause denial of service of the
controller when communicating over the Modbus TCP protocol.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  # https://https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-05&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-05.pdf
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?30ebd42b");
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-25619");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_cwe_id(754);

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/04/19");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/04/19");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/05/16");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:bmeh582040s_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:bmeh584040s_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:bmeh586040s_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:bmep582040s_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:bmep584040s_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:bmep586040s_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:bmep58cpros3_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:modicon_m340_series_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:modicon_m580_series_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:schneider-electric:modicom_premium_firmware");
  script_set_attribute(attribute:"generated_plugin", value:"former");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Schneider");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Schneider');

var asset = tenable_ot::assets::get(vendor:'Schneider');

var vuln_cpes = {
  "cpe:/o:schneider-electric:bmeh582040s_firmware" :
      {"family" : "ModiconM580"},
  "cpe:/o:schneider-electric:bmeh584040s_firmware" :
      {"family" : "ModiconM580"},
  "cpe:/o:schneider-electric:bmeh586040s_firmware" :
      {"family" : "ModiconM580"},
  "cpe:/o:schneider-electric:bmep582040s_firmware" :
      {"family" : "ModiconM580"},
  "cpe:/o:schneider-electric:bmep584040s_firmware" :
      {"family" : "ModiconM580"},
  "cpe:/o:schneider-electric:bmep586040s_firmware" :
      {"family" : "ModiconM580"},
  "cpe:/o:schneider-electric:bmep58cpros3_firmware" :
      {"family" : "ModiconM580"},
  "cpe:/o:schneider-electric:modicon_m340_series_firmware" :
      {"versionEndExcluding" : "3.51", "family" : "ModiconM340"},
  "cpe:/o:schneider-electric:modicon_m580_series_firmware" :
      {"versionEndExcluding" : "4.10", "family" : "ModiconM580"},
  "cpe:/o:schneider-electric:modicom_premium_firmware" :
      {"family" : "Premium"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);

VendorProductVersionCPE
schneider-electricbmeh582040s_firmwarecpe:/o:schneider-electric:bmeh582040s_firmware
schneider-electricbmeh584040s_firmwarecpe:/o:schneider-electric:bmeh584040s_firmware
schneider-electricbmeh586040s_firmwarecpe:/o:schneider-electric:bmeh586040s_firmware
schneider-electricbmep582040s_firmwarecpe:/o:schneider-electric:bmep582040s_firmware
schneider-electricbmep584040s_firmwarecpe:/o:schneider-electric:bmep584040s_firmware
schneider-electricbmep586040s_firmwarecpe:/o:schneider-electric:bmep586040s_firmware
schneider-electricbmep58cpros3_firmwarecpe:/o:schneider-electric:bmep58cpros3_firmware
schneider-electricmodicon_m340_series_firmwarecpe:/o:schneider-electric:modicon_m340_series_firmware
schneider-electricmodicon_m580_series_firmwarecpe:/o:schneider-electric:modicon_m580_series_firmware
schneider-electricmodicom_premium_firmwarecpe:/o:schneider-electric:modicom_premium_firmware

Vendor	Product	CPE
schneider-electric	bmeh582040s_firmware	cpe:/o:schneider-electric:bmeh582040s_firmware
schneider-electric	bmeh584040s_firmware	cpe:/o:schneider-electric:bmeh584040s_firmware
schneider-electric	bmeh586040s_firmware	cpe:/o:schneider-electric:bmeh586040s_firmware
schneider-electric	bmep582040s_firmware	cpe:/o:schneider-electric:bmep582040s_firmware
schneider-electric	bmep584040s_firmware	cpe:/o:schneider-electric:bmep584040s_firmware
schneider-electric	bmep586040s_firmware	cpe:/o:schneider-electric:bmep586040s_firmware
schneider-electric	bmep58cpros3_firmware	cpe:/o:schneider-electric:bmep58cpros3_firmware
schneider-electric	modicon_m340_series_firmware	cpe:/o:schneider-electric:modicon_m340_series_firmware
schneider-electric	modicon_m580_series_firmware	cpe:/o:schneider-electric:modicon_m580_series_firmware
schneider-electric	modicom_premium_firmware	cpe:/o:schneider-electric:modicom_premium_firmware

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25619

www.nessus.org/u?30ebd42b

0.001 Low

EPSS

Percentile

23.1%

JSON

Related for TENABLE_OT_SCHNEIDER_CVE-2023-25619.NASL