CVE-2018-20818

Опубликовано: 22 апр. 2019

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

A buffer overflow vulnerability was discovered in the OpenPLC controller, in the OpenPLC_v2 and OpenPLC_v3 versions. It occurs in the modbus.cpp mapUnusedIO() function, which can cause a runtime crash of the PLC or possibly have unspecified other impact.

Ссылки

https://arxiv.org/pdf/1809.07477
Third Party Advisory
https://arxiv.org/pdf/1809.07477
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:openplcproject:openplc_v2_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:openplcproject:openplc_v2:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:o:openplcproject:openplc_v3_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:openplcproject:openplc_v3:-:*:*:*:*:*:*:*

EPSS

Процентиль: 64%

0.00459

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-j22f-7hvx-mqp8