Your one-stop web resource providing safety and security information to manufacturers

Schneider Electric has an upgrade available to handle improper validation and memory corruption vulnerabilities in its Floating License Manager, according to a report with NCCIC.

These remotely exploitable vulnerabilities could allow an attacker to deny the acquisition of a valid license for legal use of the product.

RELATED STORIES
Schneider has Fix for IGSS Vulnerability
AVEVA Handles Floating License Manager Issue
Delta Mitigation Plan for CNCSoft ScreenEditor
Philips has Plan to Fix Holter 2010 Plus Hole

Floating License Manager Version 2.3.0.0 and earlier suffer from the issues, which Schneider self-reported.

In one issue, a denial of service vulnerability related to preemptive item deletion in lmadmin and vendor daemon components allows a remote attacker to send a combination of messages to lmadmin or the vendor daemon, causing the heartbeat between lmadmin and the vendor daemon to stop and the vendor daemon to shut down.

Schneider Bold

CVE-2018-20031 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.5.

In addition, there is a denial of service vulnerability related to message decoding in lmadmin and vendor daemon components allows a remote attacker to send a combination of messages to lmadmin or the vendor daemon, causing the heartbeat between lmadmin and the vendor daemon to stop and the vendor daemon to shut down.

CVE-2018-20032 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.5.

Also, a remote code execution vulnerability in lmadmin and vendor daemon components could allow a remote attacker to corrupt the memory by allocating/deallocating memory, loading lmadmin or the vendor daemon and causing the heartbeat between lmadmin and the vendor daemon to stop. This would force the vendor daemon to shut down. No exploit of this vulnerability has been demonstrated.

CVE-2018-20033 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 9.8.

In another issue, there is a denial of service vulnerability related to adding an item to a list in lmadmin and vendor daemon components allows a remote attacker to send a combination of messages to lmadmin or the vendor daemon, causing the heartbeat between lmadmin and the vendor daemon to stop and the vendor daemon to shut down.

CVE-2018-20034 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.5.

The product sees use mainly in the energy sector. It also sees action on a global basis.

No known public exploits specifically target these vulnerabilities. However, an attacker with low skill level could leverage the issues.

Schneider Electric has made a fix for these vulnerabilities available for download on its website.

Schneider Electric recommends users upgrade to Floating License Manager (FLM) Version 2.3.1.0 as soon as possible.

Details are described in the Schneider Electric Security Notification SEVD-2019-134-04.

Pin It on Pinterest

Share This