Are StruxureWare DCE or NetBotz vulnerable to CVE-2016-5195 (Dirty COW Vulnerability)?
Are StruxureWare DCE or NetBotz vulnerable to CVE-2016-5195 (Dirty COW vulnerability)?
StruxureWare Data Center Expert (DCE)
StruxureWare DCE 7.x
NetBotz (botzware) 4.x
A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.
This could be abused by an attacker to modify existing setuid files with instructions to elevate privileges. An exploit using this technique has been found in the wild. This flaw affects most modern Linux distributions.
Current NetBotz releases are based on Linux 2.6.12 and this vulnerability was introduced in Linux kernel versions 2.6.22 and newer. This indicates that NetBotz products are not vulnerable to this specific vulnerability.
DCE 7.x is vulnerable to this issue based on its kernel version within current shipping versions of the appliance. Based on documentation made available by multiple sources, it appears that this can only be exploited as a local user. Schneider Electric does not allow local console access to DCE, so under normal circumstances, the vulnerability would not be exploitable. DCE's kernel version will be updated in a future version/update of the DCE appliance software, which is not yet available.
Cyber Security is an important element of Schneider Electrics' commitment to software quality. Regular vulnerability assessment and further investigation is ongoing on other Schneider Electric platforms in addition to the above and will be detailed if discovered.