Schneider Electric | November advisory on multiple EBO security vulnerabilities

Published 2020-12-01

0x00 Vulnerability overview

Product | CVE ID | Type | Severity | Remotely exploitable
EcoStruxure Building Operation | CVE-2020-7569 | File upload | High | Yes
EcoStruxure Building Operation | CVE-2020-7570 | XSS | Medium | Yes
EcoStruxure Building Operation | CVE-2020-7571 | XSS | Medium | Yes
EcoStruxure Building Operation | CVE-2020-7572 | Improper restriction of XML external entity reference | High | Yes
EcoStruxure Building Operation | CVE-2020-7573 | Improper access control | Medium | Yes
EcoStruxure Building Operation Enterprise Server, Enterprise Central | CVE-2020-28209 | Unquoted Windows search path | High | No

0x01 Vulnerability details

Schneider Electric is a supplier specializing in energy and automation products, including ICS, SCADA and IoT. EcoStruxure Building Operation (EBO) is Schneider Electric's building operations system.

On November 30, 2020, TIM's Red Team Research team disclosed multiple security vulnerabilities in EBO.

Details of the high-severity vulnerabilities are as follows:

EcoStruxure Building Operation file upload vulnerability (CVE-2020-7569)

This is a file upload vulnerability in EBO with a CVSS score of 8.8. Because user-uploaded files are not properly validated, an attacker can exploit it to upload arbitrary executable files.

Affected versions:

EcoStruxure Building Operation WebReports V1.9-V3.1
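As an added example (not Schneider Electric's code and not taken from the advisory), the following Python shows the kind of server-side validation whose absence makes an upload endpoint accept executable content: an extension allowlist, a magic-byte check that the content agrees with the declared type, rejection of double extensions and client-supplied path components, and a server-generated storage name. The allowed types, size limit and upload directory are constructed for this example and are assumptions, not EBO's actual policy; the upload directory is meant to live outside any web root.

```python
import os
import secrets

# Constructed policy for this example: the only content types this hypothetical
# report-upload endpoint needs. Anything else is refused whatever its name.
ALLOWED_TYPES = {
    ".png": b"\x89PNG\r\n\x1a\n",   # PNG signature
    ".pdf": b"%PDF-",               # PDF header
}
MAX_UPLOAD_BYTES = 5 * 1024 * 1024  # assumed size cap


class UploadRejected(ValueError):
    """Raised when an upload fails any validation step."""


def validate_upload(filename: str, data: bytes) -> str:
    """Return the allow-listed extension if the upload passes every check."""
    if len(data) > MAX_UPLOAD_BYTES:
        raise UploadRejected("file too large")
    # Keep only the final path component so "..\" or "/" in the client-supplied
    # name cannot steer where the file is written.
    base = os.path.basename(filename.replace("\\", "/"))
    root, ext = os.path.splitext(base)
    ext = ext.lower()
    # Policy choice: names such as report.aspx.png (double extensions) are
    # refused outright rather than trusting the last extension.
    if not root or "." in root or ext not in ALLOWED_TYPES:
        raise UploadRejected(f"extension not allowed: {base!r}")
    # The declared type must agree with the file's leading magic bytes.
    if not data.startswith(ALLOWED_TYPES[ext]):
        raise UploadRejected("content does not match extension")
    return ext


def store_upload(filename: str, data: bytes, upload_dir: str) -> str:
    """Write a validated upload under a random name; returns the stored path."""
    ext = validate_upload(filename, data)
    # A server-generated name means the client never controls the stored name,
    # and upload_dir is assumed to be outside the web server's document root.
    stored = os.path.join(upload_dir, secrets.token_hex(16) + ext)
    with open(stored, "wb") as fh:
        fh.write(data)
    return stored


if __name__ == "__main__":
    png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16   # constructed PNG-like payload
    print(validate_upload("chart.png", png))
    for name, payload in [("report.aspx", b"<%@ Page %>"),
                          ("report.aspx.png", png),
                          ("chart.png", b"<%@ Page %>")]:
        try:
            validate_upload(name, payload)
        except UploadRejected as exc:
            print(f"rejected {name!r}: {exc}")
```

The magic-byte check matters because the extension check alone is defeated by renaming; the random stored name matters because it removes the client's control over both the name and, through it, any path traversal.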

 

 

EcoStruxure Building Operation XML injection vulnerability (CVE-2020-7572)

This is an XML injection vulnerability in EBO with a CVSS score of 8.8. Because references to XML external entities are not properly restricted, an attacker can exploit it to inject arbitrary XML. A successful attacker can cause a denial of service (DoS), server-side request forgery (SSRF), or disclosure of sensitive data.

Affected versions:

EcoStruxure Building Operation WebReports V1.9-V3.1
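As an added example (not Schneider Electric's code and not from the advisory), the following Python shows what proper restriction of external entity references looks like when parsing XML from an untrusted client: the parser refuses any DOCTYPE, any entity declaration and any external entity reference before the document body is processed, which closes off the DoS (entity expansion), SSRF (entity fetched from a URL) and data disclosure (entity read from a local file) outcomes named above. It uses only the standard library's expat binding; the sample documents in the test are constructed.

```python
import xml.parsers.expat


class UnsafeXML(ValueError):
    """Raised when a document uses DTD features an untrusted source must not."""


def parse_untrusted_xml(data: bytes) -> list:
    """Parse XML from an untrusted client into a list of (tag, text) pairs.

    Any DOCTYPE, entity declaration or external entity reference aborts the
    parse with UnsafeXML; the handlers are layered so that even a document
    that somehow bypasses the DOCTYPE check is still stopped at the entity.
    """
    parser = xml.parsers.expat.ParserCreate()
    # Never fetch or expand parameter entities (external DTD subsets).
    parser.SetParamEntityParsing(
        xml.parsers.expat.XML_PARAM_ENTITY_PARSING_NEVER)

    def reject_doctype(name, sysid, pubid, has_internal_subset):
        raise UnsafeXML(f"DOCTYPE not permitted (root {name!r})")

    def reject_entity_decl(*_):
        raise UnsafeXML("entity declarations not permitted")

    def reject_external_ref(context, base, sysid, pubid):
        raise UnsafeXML(f"external entity reference {sysid!r} not permitted")

    parser.StartDoctypeDeclHandler = reject_doctype
    parser.EntityDeclHandler = reject_entity_decl
    parser.ExternalEntityRefHandler = reject_external_ref

    # Minimal content collection: element name plus its concatenated text.
    elements = []
    stack = []

    def start(tag, attrs):
        stack.append([tag, []])

    def chars(text):
        if stack:
            stack[-1][1].append(text)

    def end(tag):
        name, parts = stack.pop()
        elements.append((name, "".join(parts).strip()))

    parser.StartElementHandler = start
    parser.CharacterDataHandler = chars
    parser.EndElementHandler = end

    parser.Parse(data, True)
    return elements


if __name__ == "__main__":
    # Constructed documents: one benign, one declaring an external entity.
    print(parse_untrusted_xml(b"<report><name>Q3</name><rows>12</rows></report>"))
    try:
        parse_untrusted_xml(
            b'<!DOCTYPE r [<!ENTITY x SYSTEM "file:///example/config.xml">]>'
            b"<r>&x;</r>")
    except UnsafeXML as exc:
        print("rejected:", exc)
```

Rejecting the DOCTYPE outright is the simplest robust policy for data exchanged with clients: a legitimate API payload has no need for a DTD, and refusing it removes entity expansion, external fetches and local file reads in one place instead of relying on per-feature parser flags.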

 

 

EcoStruxure Building Operation Enterprise Server ȨÏÞÌáÉýÎó²î£¨CVE-2020-28209£©

¸ÃÎó²î±£´æÓÚEcoStruxure Building Operation Enterprise Server ºÍEnterprise CentralÖУ¬ÆäCVSSÆÀ·Ö7.0¡£ÓÉÓÚWindowsËÑË÷·¾¶Ê±È±·¦ÒýºÅ£¬¿ÉÄܵ¼ÖÂÍâµØ¹¥»÷Õß¶ÔÅþÁ¬ÊðÀí·þÎñ¶þ½øÖÆÂ·¾¶µÄ×ÓÎļþ¼Ð¾ßÓÐдÈëȨÏÞ£¬×îÖÕ»ñµÃÆô¶¯·þÎñÓû§µÄȨÏÞ¡£

¸ÃÎó²î½öµ±Enterprise ServerºÍEnterprise Central±»×°ÖÃÔÚ·ÇÇ徲λÖ㨲»ÐèÒªÖÎÀíԱȨÏÞ£©Ê±²Å±£´æ¡£

 

Ó°Ïì¹æÄ££º

EcoStruxure Building Operation Enterprise Server installer V1.9-V3.1

Enterprise Central installer V2.0-V3.1
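As an added example (not Schneider Electric's code and not from the advisory), the following Python audits service ImagePath values for the condition described above: an unquoted executable path containing spaces, for which Windows will try each space-delimited prefix as a program before reaching the intended binary. For every such service it lists the directories whose write ACLs must be reviewed, which is exactly the "non-secure install location" precondition the advisory names. The service names and paths are constructed placeholders, not EBO's real installation layout; on a live host the values would come from HKLM\SYSTEM\CurrentControlSet\Services\<service>\ImagePath and the ACL review from icacls or Get-Acl.

```python
import ntpath
import re

# Constructed sample of ImagePath values as stored in the registry. The vendor,
# service and path names are placeholders, not EBO's actual installation paths.
SAMPLE_IMAGE_PATHS = {
    "ExampleConnectAgent":
        r"C:\Program Files\Example Vendor\Connect Agent\agent.exe -service",
    "ExampleQuotedAgent":
        r'"C:\Program Files\Example Vendor\Connect Agent\agent.exe" -service',
    "ExampleNoSpaces":
        r"C:\Windows\system32\svchost.exe -k netsvcs",
}


def unquoted_path_dirs(image_path: str) -> list:
    """Return the directories to review for an unquoted, space-containing path.

    For C:\\Program Files\\Vendor\\agent.exe, Windows would first look for
    C:\\Program.exe and then C:\\Program Files\\Vendor.exe, so the directories
    whose write ACLs matter are C:\\ and C:\\Program Files. Returns [] when the
    path is quoted or has no spaces, i.e. when there is nothing to review.
    """
    path = image_path.strip()
    if path.startswith('"'):
        return []                       # properly quoted: not affected
    # The executable is everything up to the first ".exe" token; the rest are
    # service arguments and play no part in the search.
    m = re.match(r"(.*?\.exe)(?:\s|$)", path, re.IGNORECASE)
    exe = m.group(1) if m else path.split(" ", 1)[0]
    if " " not in exe:
        return []
    dirs = []
    for i, ch in enumerate(exe):
        if ch == " ":
            d = ntpath.dirname(exe[:i])  # directory holding the probed prefix
            if d not in dirs:
                dirs.append(d)
    return dirs


def audit_services(image_paths: dict) -> dict:
    """Map each affected service name to the directories needing ACL review."""
    findings = {}
    for name, image_path in image_paths.items():
        dirs = unquoted_path_dirs(image_path)
        if dirs:
            findings[name] = dirs
    return findings


if __name__ == "__main__":
    for svc, dirs in audit_services(SAMPLE_IMAGE_PATHS).items():
        print(f"{svc}: unquoted ImagePath; review write ACLs on: "
              + ", ".join(dirs))
```

The remediation is the one the quoted sample row already shows: wrap the executable path in quotes (or reinstall under a location such as Program Files whose ACLs deny standard users write access), after which the audit returns no findings for that service.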

 

 

0x02 Remediation recommendations

Schneider Electric has now fixed these vulnerabilities; installing the patches promptly is recommended.

Patch link:

https://community.exchange.se.com/t5/EBO-Hotfix-List/bgp/sbo-hotfix-list

 

 

0x03 References

https://www.se.com/ww/en/download/document/SEVD-2020-315-04/

https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2020-315-04_EcoStruxure%E2%84%A2_Building_Operation_Security_Notification.pdf&p_Doc_Ref=SEVD-2020-315-04

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28209

 

 

0x04 Timeline

2020-08-11  Schneider Electric publishes security notification

2020-11-30  RTR team publicly discloses the vulnerabilities

2020-12-01  VSRC publishes security advisory

 

0x05 Appendix

 

CVSS scoring standard (official site): http://www.first.org/cvss/