exploitDog

CVE-2018-17927

Опубликовано: 11 окт. 2018

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Низкий

Описание

In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and prior, multiple out-of-bounds write vulnerabilities may be exploited by processing specially crafted project files lacking user input validation, which may cause the system to write outside the intended buffer area and may allow remote code execution.

Ссылки

http://www.securityfocus.com/bid/105682
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-18-284-03
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/105682
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-18-284-03
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:deltaww:tpeditor:*:*:*:*:*:*:*:*

Версия до 1.90 (включая)

EPSS

Процентиль: 64%

0.00472

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-787

CWE-787

Связанные уязвимости

GHSA-hcj7-m6jj-hmx6

CVSS3: 7.8

github

больше 3 лет назад

In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and prior, multiple out-of-bounds write vulnerabilities may be exploited by processing specially crafted project files lacking user input validation, which may cause the system to write outside the intended buffer area and may allow remote code execution.

EPSS

Процентиль: 64%

0.00472

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-787

CWE-787