Research Advisory - Vulnerable Disclosure 2 - Multiple Vulnerabilities

Submitted by user123 on Fri, 07/23/2021 - 16:55
Product
2.1 - RTU 2.2 - RTU
Part No.
2.1 - BMX-NOR-0200H 2.2 - BMX-NOR-0200H
Make
Schneider Electric
Vulnerability
2.1 - DOS 2.2 - Unauthentic Command Execution
Disclosure Timeline
20/Dec/2018 - Vulnerability reported
22/Dec/2018 - Schneider acknowledge & requested for detailed description
01/Jan/2019 - POC submitted to M/s. Schneider
08/Jan/2019 - M/s. Schneider opened a case to investigate
31/Jan/2019 - M/s. Schneider electric requested for the script
04/Feb/2019 - Exploit submitted
08/Mar/2019 - C3i Center asks for an update
18/Mar/2019 - M/s. Schneider closed the case. Considering it [communication protocol vulnerability] as a vulnerability of web
18/Mar/2019 - C3i center requested to open the case again
18/Mar/2019 - M/s. Schneider requested for a list of all vulnerabilities
19/Mar/2019 - C3i Center shared a list of vulnerabilities reported yet
20/Mar/2019 - M/s. Schneider thanks to C3i center and agreed to provide update on all the cases by early next week.
21/Mar/2019 - C3i Center acknowledged their mail and awaiting for their valuable response
27/Mar/2019 - M/s. Schneider asked for some information of the application
which used during attack
05/Apr/2019 - C3i Provided the information of some application which used
in the attack and cleared some query
06/Apr/2019 - Forked this vulnerability, And M/s. Schneider asked for an
exploit, version and some configuration file of the device
10/Apr/2019 - C3i Provided the Exploit and some other information also
Status
2.1 - Confirmed 2.2 - Confirmed 2.3 - Confirmed
Case Number
2.1 - 263953 , 2.2 - 263954 , 2.3 - 263954
CVE Number
2.1 - CVE-2019-6831 2.2 - CVE-2019-6810
Date