CVE-2018-17927 - In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and prior, multiple out-of-bounds wr

CVE-2018-17927

Summary

In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and prior, multiple out-of-bounds write vulnerabilities may be exploited by processing specially crafted project files lacking user input validation, which may cause the system to write outside the intended buffer area and may allow remote code execution.

References

Vulnerable Configurations

cpe:2.3:a:deltaww:tpeditor:1.89:*:*:*:*:*:*:.
cpe:2.3:a:deltaww:tpeditor:1.89:*:*:*:*:*:*:.
cpe:2.3:a:deltaww:tpeditor:1.90:*:*:*:*:*:*:*
cpe:2.3:a:deltaww:tpeditor:1.90:*:*:*:*:*:*:*
cpe:2.3:a:deltaww:tpeditor:1.90:*:*:*:*:*:*:.
cpe:2.3:a:deltaww:tpeditor:1.90:*:*:*:*:*:*:.

CVSS

Base:	6.8 (as of 09-10-2019 - 23:37)
Impact:
Exploitability:

CWE

CWE-787

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

refmap via4

bid	105682
misc	https://ics-cert.us-cert.gov/advisories/ICSA-18-284-03

Last major update

09-10-2019 - 23:37

Published

11-10-2018 - 22:29

Last modified

09-10-2019 - 23:37