CVE-2016-4529 - Vulnerability Details - OpenCVE

An unspecified ActiveX control in Schneider Electric SoMachine HVAC Programming Software for M171/M172 Controllers before 2.1.0 allows remote attackers to execute arbitrary code via unknown vectors, related to the INTERFACESAFE_FOR_UNTRUSTED_CALLER (aka safe for scripting) flag.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Schneider-electric	M171 M172 Somachine Hvac Firmware

Configuration 1 [-]

AND

OR	cpe:2.3:h:schneider-electric:m171:-:::::::*
	cpe:2.3:h:schneider-electric:m172:-:::::::*

cpe:2.3:o:schneider-electric:somachine_hvac_firmware:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2016-161-01
http://www.securityfocus.com/bid/91778
http://www.zerodayinitiative.com/advisories/ZDI-16-440
https://ics-cert.us-cert.gov/advisories/ICSA-16-196-03

History

No history.

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2016-07-15T16:00:00

Updated: 2024-08-06T00:32:25.764Z

Reserved: 2016-05-05T00:00:00

Link: CVE-2016-4529

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2016-07-15T16:59:10.347

Modified: 2025-04-12T10:46:40.837

Link: CVE-2016-4529

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-07-14T00:00:00", "descriptions": [{"lang": "en", "value": "An unspecified ActiveX control in Schneider Electric SoMachine HVAC Programming Software for M171/M172 Controllers before 2.1.0 allows remote attackers to execute arbitrary code via unknown vectors, related to the INTERFACESAFE_FOR_UNTRUSTED_CALLER (aka safe for scripting) flag."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-11-25T20:57:01", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-440"}, {"tags": ["x_refsource_MISC"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-196-03"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2016-161-01"}, {"name": "91778", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/91778"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2016-4529", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An unspecified ActiveX control in Schneider Electric SoMachine HVAC Programming Software for M171/M172 Controllers before 2.1.0 allows remote attackers to execute arbitrary code via unknown vectors, related to the INTERFACESAFE_FOR_UNTRUSTED_CALLER (aka safe for scripting) flag."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-440", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-440"}, {"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-196-03", "refsource": "MISC", "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-196-03"}, {"name": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2016-161-01", "refsource": "CONFIRM", "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2016-161-01"}, {"name": "91778", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91778"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T00:32:25.764Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-440"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-196-03"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2016-161-01"}, {"name": "91778", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/91778"}]}]}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2016-4529", "datePublished": "2016-07-15T16:00:00", "dateReserved": "2016-05-05T00:00:00", "dateUpdated": "2024-08-06T00:32:25.764Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:m171:-:*:*:*:*:*:*:*", "matchCriteriaId": "29592649-A25D-48E8-B023-1D30EF3F9CDD", "vulnerable": false}, {"criteria": "cpe:2.3:h:schneider-electric:m172:-:*:*:*:*:*:*:*", "matchCriteriaId": "EE703A75-552A-4D5D-BF61-B27E53794165", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:somachine_hvac_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2E5E66AB-31A1-4E58-A174-6604C2A2A284", "versionEndIncluding": "2.0.2", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An unspecified ActiveX control in Schneider Electric SoMachine HVAC Programming Software for M171/M172 Controllers before 2.1.0 allows remote attackers to execute arbitrary code via unknown vectors, related to the INTERFACESAFE_FOR_UNTRUSTED_CALLER (aka safe for scripting) flag."}, {"lang": "es", "value": "Un control ActiveX no especificado en Schneider Electric SoMachine HVAC Programming Software para M171/M172 Controllers en versiones anteriores a 2.1.0 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores desconocidos, relacionados con el indicador INTERFACESAFE_FOR_UNTRUSTED_CALLER (tambi\u00e9n conocido como secuencias de comandos para guardar)."}], "id": "CVE-2016-4529", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-07-15T16:59:10.347", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Patch", "Vendor Advisory"], "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2016-161-01"}, {"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/91778"}, {"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-440"}, {"source": "ics-cert@hq.dhs.gov", "tags": ["Mitigation", "Third Party Advisory", "US Government Resource"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-196-03"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2016-161-01"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/91778"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-440"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mitigation", "Third Party Advisory", "US Government Resource"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-196-03"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}