CVE-2021-43936 - OpenCVE

The software allows the attacker to upload or transfer files of dangerous types to the WebHMI portal, that may be automatically processed within the product's environment or lead to arbitrary code execution.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Webhmi	Webhmi Firmware Webhmi

Configuration 1 [-]

AND

cpe:2.3:o:webhmi:webhmi_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:webhmi:webhmi:-:*:*:*:*:*:*:*

References

Link	Resource
http://packetstormsecurity.com/files/165252/WebHMI-4.0-Remote-Code-Execution.html	Exploit Third Party Advisory VDB Entry
https://us-cert.cisa.gov/ics/advisories/icsa-21-336-03	Patch Third Party Advisory US Government Resource

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: icscert

Published: 2021-12-06T17:39:24

Updated: 2021-12-13T16:06:24

Reserved: 2021-11-16T00:00:00

Link: CVE-2021-43936

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-12-06T18:15:08.353

Modified: 2022-04-12T18:06:18.693

Link: CVE-2021-43936

JSON object: View

Redhat Information

No data.

CWE

CWE-434

{"containers": {"cna": {"affected": [{"product": "WebHMI", "vendor": "Distributed Data Systems", "versions": [{"lessThan": "4.1", "status": "affected", "version": "4.1", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Marcin Dudek of CERT.PL reported these vulnerabilities to CISA."}], "descriptions": [{"lang": "en", "value": "The software allows the attacker to upload or transfer files of dangerous types to the WebHMI portal, that may be automatically processed within the product's environment or lead to arbitrary code execution."}], "exploits": [{"lang": "en", "value": "None"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"description": "Unrestricted Upload of File with Dangerous Type", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-12-13T16:06:24", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-336-03"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/165252/WebHMI-4.0-Remote-Code-Execution.html"}], "source": {"advisory": "ICSA-21-336-03", "defect": ["CWE-434"], "discovery": "EXTERNAL"}, "title": "Distributed Data Systems WebHM", "workarounds": [{"lang": "en", "value": "Distributed Data Systems recommends upgrading the platform software to the latest release, Version 4.1"}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2021-43936", "STATE": "PUBLIC", "TITLE": "Distributed Data Systems WebHM"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "WebHMI", "version": {"version_data": [{"version_affected": "<", "version_name": "4.1", "version_value": "4.1"}]}}]}, "vendor_name": "Distributed Data Systems"}]}}, "credit": [{"lang": "eng", "value": "Marcin Dudek of CERT.PL reported these vulnerabilities to CISA."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The software allows the attacker to upload or transfer files of dangerous types to the WebHMI portal, that may be automatically processed within the product's environment or lead to arbitrary code execution."}]}, "exploit": [{"lang": "en", "value": "None"}], "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Unrestricted Upload of File with Dangerous Type"}]}]}, "references": {"reference_data": [{"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-336-03", "refsource": "MISC", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-336-03"}, {"name": "http://packetstormsecurity.com/files/165252/WebHMI-4.0-Remote-Code-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/165252/WebHMI-4.0-Remote-Code-Execution.html"}]}, "source": {"advisory": "ICSA-21-336-03", "defect": ["CWE-434"], "discovery": "EXTERNAL"}, "work_around": [{"lang": "en", "value": "Distributed Data Systems recommends upgrading the platform software to the latest release, Version 4.1"}]}}}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2021-43936", "datePublished": "2021-12-06T17:39:24", "dateReserved": "2021-11-16T00:00:00", "dateUpdated": "2021-12-13T16:06:24", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:webhmi:webhmi_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "194BB82B-39C9-4A70-BFBE-2C2CE273556D", "versionEndExcluding": "4.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:webhmi:webhmi:-:*:*:*:*:*:*:*", "matchCriteriaId": "A01C62B5-41A7-407B-BB31-668756184F45", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "The software allows the attacker to upload or transfer files of dangerous types to the WebHMI portal, that may be automatically processed within the product's environment or lead to arbitrary code execution."}, {"lang": "es", "value": "El software permite al atacante cargar o transferir archivos de tipos peligrosos al portal WebHMI, que pueden ser procesados autom\u00e1ticamente dentro del entorno del producto o conllevar a una ejecuci\u00f3n de c\u00f3digo arbitrario"}], "id": "CVE-2021-43936", "lastModified": "2022-04-12T18:06:18.693", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 6.0, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}, "published": "2021-12-06T18:15:08.353", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/165252/WebHMI-4.0-Remote-Code-Execution.html"}, {"source": "ics-cert@hq.dhs.gov", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-336-03"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "nvd@nist.gov", "type": "Primary"}]}