Schneider Electric | Advisory on Multiple Security Vulnerabilities in EBO (November)

Published: 2020-12-01

0x00 Vulnerability Overview

| Product | CVE ID | Type | Severity | Remotely exploitable |
|---|---|---|---|---|
| EcoStruxure Building Operation | CVE-2020-7569 | File upload | High | Yes |
| EcoStruxure Building Operation | CVE-2020-7570 | XSS | Medium | Yes |
| EcoStruxure Building Operation | CVE-2020-7571 | XSS | Medium | Yes |
| EcoStruxure Building Operation | CVE-2020-7572 | Improper restriction of XML external entity reference | High | Yes |
| EcoStruxure Building Operation | CVE-2020-7573 | Improper access control | Medium | Yes |
| EcoStruxure Building Operation Enterprise Server, Enterprise Central | CVE-2020-28209 | Unquoted Windows search path | High | No |

 

0x01 Vulnerability Details


Schneider Electric is a supplier specialising in energy and automation products (such as ICS, SCADA and IoT). EcoStruxure Building Operation (EBO) is Schneider Electric's building operations system.

On 30 November 2020, TIM's Red Team Research team disclosed multiple security vulnerabilities in EBO.

Details of the high-severity vulnerabilities are as follows:

EcoStruxure Building Operation file upload vulnerability (CVE-2020-7569)

This is a file upload vulnerability in EBO with a CVSS score of 8.8. Because user-uploaded files are not properly validated, an attacker can exploit it to upload arbitrary executable files.

Affected versions:

EcoStruxure Building Operation WebReports V1.9-V3.1
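The root cause above is missing validation of uploaded files. The following is an added example of the server-side checks that close that gap; it is not code from the EBO product or from Schneider Electric, and the file names, byte payloads and the allow-list are constructed for illustration. It strips any client-supplied directory, accepts only a short allow-list of extensions, caps the size, and then checks that the content actually starts with the magic bytes of the claimed type, so an executable renamed to .pdf is still refused.

```python
import os
from typing import Tuple

# Allow-list of accepted extensions with the leading bytes (magic numbers) a
# file of that type must start with; executables are deliberately absent.
ALLOWED_TYPES = {
    ".pdf": b"%PDF-",
    ".png": b"\x89PNG\r\n\x1a\n",
}
MAX_UPLOAD_BYTES = 5 * 1024 * 1024

# Constructed sample payloads (not real files from the product).
SAMPLE_PDF = b"%PDF-1.7\n% constructed sample, not a real report\n"
SAMPLE_EXE = b"MZ\x90\x00" + b"\x00" * 60  # starts with the PE 'MZ' marker


def check_upload(client_name: str, data: bytes) -> Tuple[bool, str]:
    """Validate an upload; returns (accepted, detail) where detail is the
    sanitised base name on success or the rejection reason otherwise."""
    # 1. Discard any directory component the client supplied (path traversal).
    base = os.path.basename(client_name.replace("\\", "/"))
    if not base or base.startswith(".") or any(ord(c) < 32 for c in base):
        return False, "invalid file name"
    # 2. Only the final extension counts ('report.pdf.exe' is '.exe').
    ext = os.path.splitext(base)[1].lower()
    if ext not in ALLOWED_TYPES:
        return False, f"extension {ext!r} not allowed"
    # 3. Size cap before any content inspection.
    if len(data) > MAX_UPLOAD_BYTES:
        return False, "file too large"
    # 4. Content must match the claimed type, so an executable renamed to
    #    .pdf is rejected even though its extension passed.
    if not data.startswith(ALLOWED_TYPES[ext]):
        return False, f"content does not match {ext}"
    return True, base


if __name__ == "__main__":
    for name, payload in [("report.pdf", SAMPLE_PDF), ("report.pdf.exe", SAMPLE_EXE),
                          ("report.pdf", SAMPLE_EXE), ("..\\..\\wwwroot\\report.pdf", SAMPLE_PDF)]:
        print(name, "->", check_upload(name, payload))
```

Even an accepted file should be written under a server-generated name, outside the web root, on a location with no execute permission; the returned base name is only useful for display or for an audit log entry.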

 

 

EcoStruxure Building Operation XML injection vulnerability (CVE-2020-7572)

This is an XML injection vulnerability in EBO with a CVSS score of 8.8. Because references to XML external entities are not properly restricted, an attacker can exploit it to inject arbitrary XML code. A successful attacker could cause denial of service (DoS), server-side request forgery (SSRF) or disclosure of sensitive data.

Affected versions:

EcoStruxure Building Operation WebReports V1.9-V3.1
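External entities can only be declared inside a DTD, so the most portable mitigation for the weakness described above (CWE-611) is to refuse any untrusted document that carries a DOCTYPE or ENTITY declaration before it reaches the parser. The following added example shows that gate with Python's standard-library parser; it is not code from the product or the vendor, and the sample documents and the placeholder URL are constructed.

```python
import re
import xml.etree.ElementTree as ET

# Any DTD (internal or external) is refused up front: entity declarations,
# and therefore external entity references (CWE-611), can only live in a DTD.
_DOCTYPE_RE = re.compile(rb"<!DOCTYPE", re.IGNORECASE)
_ENTITY_RE = re.compile(rb"<!ENTITY", re.IGNORECASE)


class UnsafeXML(ValueError):
    """Raised when untrusted XML carries constructs we refuse to process."""


def parse_untrusted_xml(data: bytes) -> ET.Element:
    """Parse XML from an untrusted source, rejecting any DTD before the
    parser sees it. Rejecting is the portable mitigation: it does not rely
    on a particular parser's entity-handling defaults."""
    if _DOCTYPE_RE.search(data) or _ENTITY_RE.search(data):
        raise UnsafeXML("DTD / entity declarations are not accepted")
    return ET.fromstring(data)


def is_rejected(data: bytes) -> bool:
    """True if parse_untrusted_xml refuses the document."""
    try:
        parse_untrusted_xml(data)
    except UnsafeXML:
        return True
    return False


# Constructed sample inputs (not captured from the product).
BENIGN_REPORT = b"<report><name>Monthly energy</name></report>"
DTD_REPORT = (
    b'<?xml version="1.0"?>'
    b'<!DOCTYPE report [<!ENTITY ext SYSTEM "http://resolver.example.invalid/x">]>'
    b"<report><name>&ext;</name></report>"
)

if __name__ == "__main__":
    print("benign rejected:", is_rejected(BENIGN_REPORT))  # False
    print("DTD rejected:", is_rejected(DTD_REPORT))        # True
```

The check is deliberately fail-closed: a benign document that happens to mention `<!DOCTYPE` inside a comment or CDATA section is also refused, which is the right trade-off for report uploads that should never need a DTD. Where the parser itself can be configured (for example, DTD processing disabled in a .NET or Java parser), apply that setting as well rather than relying on the pre-check alone.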

 

 

EcoStruxure Building Operation Enterprise Server privilege escalation vulnerability (CVE-2020-28209)

This vulnerability exists in EcoStruxure Building Operation Enterprise Server and Enterprise Central and has a CVSS score of 7.0. Because the Windows search path is unquoted, a local attacker with write permission to a subfolder of the Connection Agent service's binary path could ultimately gain the privileges of the user that starts the service.

The vulnerability exists only when Enterprise Server and Enterprise Central are installed in a non-secure location (one that does not require administrator privileges).

 

Affected versions:

EcoStruxure Building Operation Enterprise Server installer V1.9-V3.1

Enterprise Central installer V2.0-V3.1
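The weakness above is the generic unquoted service path pattern (CWE-428): when an ImagePath contains spaces and is not quoted, Windows tries `<prefix>.exe` at every space before reaching the intended binary. The following added audit script, which is not code from Schneider Electric or the product, generalises the single case in the text: it takes a set of ImagePath strings (constructed here; on a real host they would be read from the service registry keys) and reports, for each unquoted path, the directories whose ACLs must not grant standard users write access. The service names and paths are assumptions for illustration.

```python
import ntpath
import re
from typing import Dict, List

# Constructed ImagePath values, shaped like the Windows registry entries a
# service audit would read; none is taken from the product.
SAMPLE_IMAGE_PATHS = {
    "QuotedService": '"C:\\Program Files\\Vendor\\Connection Agent\\agent.exe" --run',
    "SystemService": r"C:\Windows\System32\svchost.exe -k netsvcs",
    "UnquotedService": r"C:\Program Files\Vendor\Connection Agent\agent.exe --run",
}

_EXE_RE = re.compile(r"^(.*?\.exe)", re.IGNORECASE)


def unquoted_search_candidates(image_path: str) -> List[str]:
    """For an ImagePath that is unquoted and contains spaces, return the
    executable names Windows would try before the intended binary (CWE-428).
    An empty list means the path is not affected."""
    path = image_path.strip()
    if path.startswith('"'):
        return []  # quoted: the first token is unambiguous
    m = _EXE_RE.match(path)
    exe = m.group(1) if m else path.split(" ")[0]
    # Every space inside the executable path is a point where Windows
    # first looks for '<prefix>.exe'.
    return [exe[:i] + ".exe" for i, ch in enumerate(exe) if ch == " "]


def audit_services(image_paths: Dict[str, str]) -> Dict[str, List[str]]:
    """Map each affected service name to the directories whose ACLs must
    not grant write access to standard users."""
    findings: Dict[str, List[str]] = {}
    for name, image_path in image_paths.items():
        candidates = unquoted_search_candidates(image_path)
        if candidates:
            findings[name] = sorted({ntpath.dirname(c) for c in candidates})
    return findings


if __name__ == "__main__":
    for service, dirs in audit_services(SAMPLE_IMAGE_PATHS).items():
        print(f"{service}: review write ACLs on {dirs}")
```

The fix on the product side is to quote the ImagePath (which is what the vendor patch does for the installer); on the host side, the advisory's own condition applies: install under a location such as Program Files where standard users cannot create files, and verify that none of the reported directories are writable by non-administrators.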

 

 

0x02 Remediation

Schneider Electric has now fixed these vulnerabilities; installing the patches promptly is recommended.

Patch link:

https://community.exchange.se.com/t5/EBO-Hotfix-List/bgp/sbo-hotfix-list

 

 

0x03 References

https://www.se.com/ww/en/download/document/SEVD-2020-315-04/

https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2020-315-04_EcoStruxure%E2%84%A2_Building_Operation_Security_Notification.pdf&p_Doc_Ref=SEVD-2020-315-04

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28209

 

 

0x04 Timeline

2020-08-11  Schneider Electric publishes its security advisory

2020-11-30  The RTR team publicly discloses the vulnerabilities

2020-12-01  VSRC publishes this security advisory

 

0x05 Appendix

 

CVSS scoring standard (official site): http://www.first.org/cvss/


