[Japanese]

JVNDB-2023-001212

Multiple vulnerabilities in JTEKT ELECTRONICS Screen Creator Advance 2

Overview

Screen Creator Advance 2 provided by JTEKT ELECTRONICS CORPORATION contains multiple vulnerabilities listed below.

* Out-of-bound write (CWE-787) - CVE-2023-22345
* Out-of-bound read (CWE-125) - CVE-2023-22346, CVE-2023-22347, CVE-2023-22349, CVE-2023-22350, CVE-2023-22353
* Use-after-free (CWE-416) - CVE-2023-22360

Michael Heinzl reported these vulnerabilities to JPCERT/CC.
JPCERT/CC coordinated with the developer.
CVSS Severity (What is CVSS?)

CVSS V3 Severity:
Base Metrics 7.8 (High) [Other]
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
The above CVSS base scores have been assigned for CVE-2023-22345


CVSS V3 Severity:
Base Metrics7.8 (High) [Other]
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
The above CVSS base scores have been assigned for CVE-2023-22346


CVSS V3 Severity:
Base Metrics7.8 (High) [Other]
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
The above CVSS base scores have been assigned for CVE-2023-22347


CVSS V3 Severity:
Base Metrics7.8 (High) [Other]
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
The above CVSS base scores have been assigned for CVE-2023-22349


CVSS V3 Severity:
Base Metrics7.8 (High) [Other]
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
The above CVSS base scores have been assigned for CVE-2023-22350


CVSS V3 Severity:
Base Metrics7.8 (High) [Other]
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
The above CVSS base scores have been assigned for CVE-2023-22353


CVSS V3 Severity:
Base Metrics7.8 (High) [Other]
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
The above CVSS base scores have been assigned for CVE-2023-22360
Affected Products


JTEKT ELECTRONICS CORPORATION
  • Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier

Impact

Impact
Having a user of Screen Creator Advance 2 to open a specially crafted project file causes the following vulnerabilities, which may result in information disclosure and/or arbitrary code execution.

CVE-2023-22345
Out-of-bound write occurs due to lack of error handling process when out of specification errors are detected.

CVE-2023-22346
Out-of-bound read occurs because the end of data cannot be verified when processing template information.

CVE-2023-22347
Out-of-bound read occurs because the end of data cannot be verified when processing file structure information.

CVE-2023-22349
Out-of-bound read occurs because the end of data cannot be verified when processing screen management information.

CVE-2023-22350
Out-of-bound read occurs because the end of data cannot be verified when processing parts management information.

CVE-2023-22353
Out-of-bound read occurs because the end of data cannot be verified when processing control management information.

CVE-2023-22360
Use-after-free occurs due to lack of error handling process even when an error was detected.
Solution

[Update the software]
Update Screen Creator Advance 2 to the latest version according to the information provided by the developer.
The developer released below version that contains fixes for these vulnerabilities.

* Screen Creator Advance 2 Ver.0.1.1.4 Build01A and above

The latest update can be obtained from the developer's website listed below.

* HMI - Download | JTEKT ELECTRONICS CORPORATION

Vendor Information

JTEKT ELECTRONICS CORPORATION
CWE (What is CWE?)

  1. Out-of-bounds Read(CWE-125) [Other]
  2. Use After Free(CWE-416) [Other]
  3. Out-of-bounds Write(CWE-787) [Other]
CVE (What is CVE?)

  1. CVE-2023-22345
  2. CVE-2023-22346
  3. CVE-2023-22347
  4. CVE-2023-22349
  5. CVE-2023-22350
  6. CVE-2023-22353
  7. CVE-2023-22360
References

  1. JVN : JVNVU#98917488
  2. National Vulnerability Database (NVD) : CVE-2023-22345
  3. National Vulnerability Database (NVD) : CVE-2023-22346
  4. National Vulnerability Database (NVD) : CVE-2023-22347
  5. National Vulnerability Database (NVD) : CVE-2023-22349
  6. National Vulnerability Database (NVD) : CVE-2023-22350
  7. National Vulnerability Database (NVD) : CVE-2023-22353
  8. National Vulnerability Database (NVD) : CVE-2023-22360
  9. ICS-CERT ADVISORY : ICSA-23-096-02
Revision History

  • [2023/02/08]
      Web page was published
  • [2023/04/10]
      References : Content was added
  • [2024/06/10]
      References : Contents were added