Vulnerabilites related to INVT - VT-Designer
CVE-2018-18983 (GCVE-0-2018-18983)
Vulnerability from cvelistv5
Published
2018-11-30 18:00
Modified
2024-08-05 11:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
VT-Designer Version 2.1.7.31 is vulnerable by the program reading the contents of a file (which is already in memory) into another heap-based buffer, which may cause the program to crash or allow remote code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/106071 | vdb-entry, x_refsource_BID | |
| https://ics-cert.us-cert.gov/advisories/ICSA-18-333-01 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:23:08.578Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106071",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106071"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-333-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-11-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VT-Designer Version 2.1.7.31 is vulnerable by the program reading the contents of a file (which is already in memory) into another heap-based buffer, which may cause the program to crash or allow remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-05T10:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "106071",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106071"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-333-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2018-18983",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VT-Designer Version 2.1.7.31 is vulnerable by the program reading the contents of a file (which is already in memory) into another heap-based buffer, which may cause the program to crash or allow remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106071",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106071"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-333-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-333-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-18983",
"datePublished": "2018-11-30T18:00:00",
"dateReserved": "2018-11-06T00:00:00",
"dateUpdated": "2024-08-05T11:23:08.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-7229 (GCVE-0-2025-7229)
Vulnerability from cvelistv5
Published
2025-07-21 19:53
Modified
2025-07-22 13:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of INVT VT-Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PM3 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25722.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-25-480/ | x_research-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| INVT | VT-Designer |
Version: 2.1.13 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7229",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-22T13:45:27.991940Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-22T13:45:55.635Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "VT-Designer",
"vendor": "INVT",
"versions": [
{
"status": "affected",
"version": "2.1.13"
}
]
}
],
"dateAssigned": "2025-07-07T14:48:23.802Z",
"datePublic": "2025-07-07T18:19:07.897Z",
"descriptions": [
{
"lang": "en",
"value": "INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of INVT VT-Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PM3 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25722."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-21T19:53:14.752Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-480",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-480/"
}
],
"source": {
"lang": "en",
"value": "kimiya"
},
"title": "INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-7229",
"datePublished": "2025-07-21T19:53:14.752Z",
"dateReserved": "2025-07-07T14:48:23.718Z",
"dateUpdated": "2025-07-22T13:45:55.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-7231 (GCVE-0-2025-7231)
Vulnerability from cvelistv5
Published
2025-07-21 19:53
Modified
2025-07-22 13:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of INVT VT-Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PM3 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25724.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-25-482/ | x_research-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| INVT | VT-Designer |
Version: 2.1.13 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7231",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-22T13:42:41.184307Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-22T13:42:47.646Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "VT-Designer",
"vendor": "INVT",
"versions": [
{
"status": "affected",
"version": "2.1.13"
}
]
}
],
"dateAssigned": "2025-07-07T14:48:32.092Z",
"datePublic": "2025-07-07T18:19:19.215Z",
"descriptions": [
{
"lang": "en",
"value": "INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of INVT VT-Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PM3 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25724."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-21T19:53:24.553Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-482",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-482/"
}
],
"source": {
"lang": "en",
"value": "kimiya"
},
"title": "INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-7231",
"datePublished": "2025-07-21T19:53:24.553Z",
"dateReserved": "2025-07-07T14:48:32.020Z",
"dateUpdated": "2025-07-22T13:42:47.646Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-7227 (GCVE-0-2025-7227)
Vulnerability from cvelistv5
Published
2025-07-21 19:53
Modified
2025-07-22 13:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of INVT VT-Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PM3 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25550.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-25-478/ | x_research-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| INVT | VT-Designer |
Version: 2.1.13 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7227",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-22T13:34:36.898181Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-22T13:34:51.242Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "VT-Designer",
"vendor": "INVT",
"versions": [
{
"status": "affected",
"version": "2.1.13"
}
]
}
],
"dateAssigned": "2025-07-07T14:48:16.480Z",
"datePublic": "2025-07-07T18:18:56.366Z",
"descriptions": [
{
"lang": "en",
"value": "INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of INVT VT-Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PM3 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25550."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-21T19:53:08.378Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-478",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-478/"
}
],
"source": {
"lang": "en",
"value": "kimiya"
},
"title": "INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-7227",
"datePublished": "2025-07-21T19:53:08.378Z",
"dateReserved": "2025-07-07T14:48:16.400Z",
"dateUpdated": "2025-07-22T13:34:51.242Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-18987 (GCVE-0-2018-18987)
Vulnerability from cvelistv5
Published
2018-11-30 18:00
Modified
2024-08-05 11:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
VT-Designer Version 2.1.7.31 is vulnerable by the program populating objects with user supplied input via a file without first checking for validity, allowing attacker supplied input to be written to known memory locations. This may cause the program to crash or allow remote code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/106071 | vdb-entry, x_refsource_BID | |
| https://ics-cert.us-cert.gov/advisories/ICSA-18-333-01 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:23:08.984Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106071",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106071"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-333-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-11-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VT-Designer Version 2.1.7.31 is vulnerable by the program populating objects with user supplied input via a file without first checking for validity, allowing attacker supplied input to be written to known memory locations. This may cause the program to crash or allow remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-05T10:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "106071",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106071"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-333-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2018-18987",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VT-Designer Version 2.1.7.31 is vulnerable by the program populating objects with user supplied input via a file without first checking for validity, allowing attacker supplied input to be written to known memory locations. This may cause the program to crash or allow remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106071",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106071"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-333-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-333-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-18987",
"datePublished": "2018-11-30T18:00:00",
"dateReserved": "2018-11-06T00:00:00",
"dateUpdated": "2024-08-05T11:23:08.984Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-7228 (GCVE-0-2025-7228)
Vulnerability from cvelistv5
Published
2025-07-21 19:53
Modified
2025-07-22 13:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of INVT VT-Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PM3 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25571.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-25-479/ | x_research-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| INVT | VT-Designer |
Version: 2.1.13 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7228",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-22T13:31:36.418418Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-22T13:31:55.458Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "VT-Designer",
"vendor": "INVT",
"versions": [
{
"status": "affected",
"version": "2.1.13"
}
]
}
],
"dateAssigned": "2025-07-07T14:48:20.037Z",
"datePublic": "2025-07-07T18:19:02.757Z",
"descriptions": [
{
"lang": "en",
"value": "INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of INVT VT-Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PM3 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25571."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-21T19:53:11.255Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-479",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-479/"
}
],
"source": {
"lang": "en",
"value": "kimiya"
},
"title": "INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-7228",
"datePublished": "2025-07-21T19:53:11.255Z",
"dateReserved": "2025-07-07T14:48:19.956Z",
"dateUpdated": "2025-07-22T13:31:55.458Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-7230 (GCVE-0-2025-7230)
Vulnerability from cvelistv5
Published
2025-07-21 19:53
Modified
2025-07-22 13:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Summary
INVT VT-Designer PM3 File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of INVT VT-Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PM3 files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25723.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-25-481/ | x_research-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| INVT | VT-Designer |
Version: 2.1.13 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7230",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-22T13:44:20.573518Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-22T13:44:25.650Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "VT-Designer",
"vendor": "INVT",
"versions": [
{
"status": "affected",
"version": "2.1.13"
}
]
}
],
"dateAssigned": "2025-07-07T14:48:27.660Z",
"datePublic": "2025-07-07T18:19:13.115Z",
"descriptions": [
{
"lang": "en",
"value": "INVT VT-Designer PM3 File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of INVT VT-Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PM3 files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25723."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843: Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-21T19:53:18.570Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-481",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-481/"
}
],
"source": {
"lang": "en",
"value": "kimiya"
},
"title": "INVT VT-Designer PM3 File Parsing Type Confusion Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-7230",
"datePublished": "2025-07-21T19:53:18.570Z",
"dateReserved": "2025-07-07T14:48:27.591Z",
"dateUpdated": "2025-07-22T13:44:25.650Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-201811-0350
Vulnerability from variot
VT-Designer Version 2.1.7.31 is vulnerable by the program populating objects with user supplied input via a file without first checking for validity, allowing attacker supplied input to be written to known memory locations. This may cause the program to crash or allow remote code execution. VT-Designer Contains a vulnerability in the deserialization of unreliable data.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of CArchive objects. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current process. INVT Electric VT-Designer is a graphics development tool from China's INVT Electric Company. A vulnerability exists in the INVT Electric VT-Designer version 2.1.7.31. Failed exploit attempts will likely result in denial-of-service conditions
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "vt-designer",
"scope": "eq",
"trust": 1.6,
"vendor": "invt",
"version": "2.1.7.31"
},
{
"_id": null,
"model": "electric vt-designer",
"scope": "eq",
"trust": 0.9,
"vendor": "invt",
"version": "2.1.7.31"
},
{
"_id": null,
"model": "vt designer",
"scope": "eq",
"trust": 0.8,
"vendor": "invt electric",
"version": "2.1.7.31"
},
{
"_id": null,
"model": "vt-designer",
"scope": null,
"trust": 0.7,
"vendor": "invt",
"version": null
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vt designer",
"version": "2.1.7.31"
}
],
"sources": [
{
"db": "IVD",
"id": "7d705aae-463f-11e9-82c7-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-1361"
},
{
"db": "CNVD",
"id": "CNVD-2018-24485"
},
{
"db": "BID",
"id": "106071"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012627"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-915"
},
{
"db": "NVD",
"id": "CVE-2018-18987"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:invt:vt-designer",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012627"
}
]
},
"credits": {
"_id": null,
"data": "Ariele Caltabiano (kimiya)",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-1361"
}
],
"trust": 0.7
},
"cve": "CVE-2018-18987",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2018-18987",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 2.5,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-24485",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "7d705aae-463f-11e9-82c7-000c29342cb1",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2018-18987",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-18987",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-18987",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2018-18987",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2018-24485",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-915",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "7d705aae-463f-11e9-82c7-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d705aae-463f-11e9-82c7-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-1361"
},
{
"db": "CNVD",
"id": "CNVD-2018-24485"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012627"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-915"
},
{
"db": "NVD",
"id": "CVE-2018-18987"
}
]
},
"description": {
"_id": null,
"data": "VT-Designer Version 2.1.7.31 is vulnerable by the program populating objects with user supplied input via a file without first checking for validity, allowing attacker supplied input to be written to known memory locations. This may cause the program to crash or allow remote code execution. VT-Designer Contains a vulnerability in the deserialization of unreliable data.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of CArchive objects. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current process. INVT Electric VT-Designer is a graphics development tool from China\u0027s INVT Electric Company. A vulnerability exists in the INVT Electric VT-Designer version 2.1.7.31. Failed exploit attempts will likely result in denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-18987"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012627"
},
{
"db": "ZDI",
"id": "ZDI-18-1361"
},
{
"db": "CNVD",
"id": "CNVD-2018-24485"
},
{
"db": "BID",
"id": "106071"
},
{
"db": "IVD",
"id": "7d705aae-463f-11e9-82c7-000c29342cb1"
}
],
"trust": 3.24
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2018-18987",
"trust": 4.2
},
{
"db": "ICS CERT",
"id": "ICSA-18-333-01",
"trust": 3.3
},
{
"db": "BID",
"id": "106071",
"trust": 1.3
},
{
"db": "CNVD",
"id": "CNVD-2018-24485",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-915",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012627",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-6428",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-1361",
"trust": 0.7
},
{
"db": "IVD",
"id": "7D705AAE-463F-11E9-82C7-000C29342CB1",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "7d705aae-463f-11e9-82c7-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-1361"
},
{
"db": "CNVD",
"id": "CNVD-2018-24485"
},
{
"db": "BID",
"id": "106071"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012627"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-915"
},
{
"db": "NVD",
"id": "CVE-2018-18987"
}
]
},
"id": "VAR-201811-0350",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d705aae-463f-11e9-82c7-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-24485"
}
],
"trust": 1.65416665
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "7d705aae-463f-11e9-82c7-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-24485"
}
]
},
"last_update_date": "2024-11-23T21:38:02.313000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.invt.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012627"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-502",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012627"
},
{
"db": "NVD",
"id": "CVE-2018-18987"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-333-01"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/106071"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-18987"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-18987"
},
{
"trust": 0.3,
"url": "https://www.invt.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-24485"
},
{
"db": "BID",
"id": "106071"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012627"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-915"
},
{
"db": "NVD",
"id": "CVE-2018-18987"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "7d705aae-463f-11e9-82c7-000c29342cb1",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-1361",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2018-24485",
"ident": null
},
{
"db": "BID",
"id": "106071",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012627",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201811-915",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2018-18987",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2018-12-04T00:00:00",
"db": "IVD",
"id": "7d705aae-463f-11e9-82c7-000c29342cb1",
"ident": null
},
{
"date": "2018-11-26T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1361",
"ident": null
},
{
"date": "2018-12-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-24485",
"ident": null
},
{
"date": "2018-12-05T00:00:00",
"db": "BID",
"id": "106071",
"ident": null
},
{
"date": "2019-02-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012627",
"ident": null
},
{
"date": "2018-11-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-915",
"ident": null
},
{
"date": "2018-11-30T18:29:00.537000",
"db": "NVD",
"id": "CVE-2018-18987",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-11-29T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1361",
"ident": null
},
{
"date": "2018-12-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-24485",
"ident": null
},
{
"date": "2018-12-05T00:00:00",
"db": "BID",
"id": "106071",
"ident": null
},
{
"date": "2019-02-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012627",
"ident": null
},
{
"date": "2018-12-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-915",
"ident": null
},
{
"date": "2024-11-21T03:56:59.507000",
"db": "NVD",
"id": "CVE-2018-18987",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-915"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "INVT Electric VT-Designer Code execution vulnerability",
"sources": [
{
"db": "IVD",
"id": "7d705aae-463f-11e9-82c7-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-24485"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-915"
}
],
"trust": 0.6
}
}
var-201811-0349
Vulnerability from variot
VT-Designer Version 2.1.7.31 is vulnerable by the program reading the contents of a file (which is already in memory) into another heap-based buffer, which may cause the program to crash or allow remote code execution. VT-Designer Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of INVT VT-Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the processing of pm3 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. INVT Electric VT-Designer is a graphics development tool from China's INVT Electric Company. A heap buffer overflow vulnerability exists in INVT Electric VT-Designer version 2.1.7.31. Failed exploit attempts will likely result in denial-of-service conditions. INVT Electric VT-Designer 2.1.7.31 is vulnerable; other versions may also be affected
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "vt-designer",
"scope": "eq",
"trust": 1.6,
"vendor": "invt",
"version": "2.1.7.31"
},
{
"_id": null,
"model": "electric vt-designer",
"scope": "eq",
"trust": 0.9,
"vendor": "invt",
"version": "2.1.7.31"
},
{
"_id": null,
"model": "vt designer",
"scope": "eq",
"trust": 0.8,
"vendor": "invt electric",
"version": "2.1.7.31"
},
{
"_id": null,
"model": "vt-designer",
"scope": null,
"trust": 0.7,
"vendor": "invt",
"version": null
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vt designer",
"version": "2.1.7.31"
}
],
"sources": [
{
"db": "IVD",
"id": "7d7d7a12-463f-11e9-90a3-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-1360"
},
{
"db": "CNVD",
"id": "CNVD-2018-24486"
},
{
"db": "BID",
"id": "106071"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012626"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-916"
},
{
"db": "NVD",
"id": "CVE-2018-18983"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:invt:vt-designer",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012626"
}
]
},
"credits": {
"_id": null,
"data": "Ariele Caltabiano (kimiya)",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-1360"
}
],
"trust": 0.7
},
"cve": "CVE-2018-18983",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2018-18983",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 2.5,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-24486",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "7d7d7a12-463f-11e9-90a3-000c29342cb1",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2018-18983",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-18983",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-18983",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2018-18983",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2018-24486",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-916",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "7d7d7a12-463f-11e9-90a3-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d7d7a12-463f-11e9-90a3-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-1360"
},
{
"db": "CNVD",
"id": "CNVD-2018-24486"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012626"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-916"
},
{
"db": "NVD",
"id": "CVE-2018-18983"
}
]
},
"description": {
"_id": null,
"data": "VT-Designer Version 2.1.7.31 is vulnerable by the program reading the contents of a file (which is already in memory) into another heap-based buffer, which may cause the program to crash or allow remote code execution. VT-Designer Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of INVT VT-Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the processing of pm3 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. INVT Electric VT-Designer is a graphics development tool from China\u0027s INVT Electric Company. A heap buffer overflow vulnerability exists in INVT Electric VT-Designer version 2.1.7.31. Failed exploit attempts will likely result in denial-of-service conditions. \nINVT Electric VT-Designer 2.1.7.31 is vulnerable; other versions may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-18983"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012626"
},
{
"db": "ZDI",
"id": "ZDI-18-1360"
},
{
"db": "CNVD",
"id": "CNVD-2018-24486"
},
{
"db": "BID",
"id": "106071"
},
{
"db": "IVD",
"id": "7d7d7a12-463f-11e9-90a3-000c29342cb1"
}
],
"trust": 3.24
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2018-18983",
"trust": 4.2
},
{
"db": "ICS CERT",
"id": "ICSA-18-333-01",
"trust": 3.3
},
{
"db": "BID",
"id": "106071",
"trust": 1.3
},
{
"db": "CNVD",
"id": "CNVD-2018-24486",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-916",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012626",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-6414",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-1360",
"trust": 0.7
},
{
"db": "IVD",
"id": "7D7D7A12-463F-11E9-90A3-000C29342CB1",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "7d7d7a12-463f-11e9-90a3-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-1360"
},
{
"db": "CNVD",
"id": "CNVD-2018-24486"
},
{
"db": "BID",
"id": "106071"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012626"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-916"
},
{
"db": "NVD",
"id": "CVE-2018-18983"
}
]
},
"id": "VAR-201811-0349",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d7d7a12-463f-11e9-90a3-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-24486"
}
],
"trust": 1.65416665
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "7d7d7a12-463f-11e9-90a3-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-24486"
}
]
},
"last_update_date": "2024-11-23T21:38:02.354000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.invt.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012626"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012626"
},
{
"db": "NVD",
"id": "CVE-2018-18983"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-333-01"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/106071"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-18983"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-18983"
},
{
"trust": 0.3,
"url": "https://www.invt.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-24486"
},
{
"db": "BID",
"id": "106071"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012626"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-916"
},
{
"db": "NVD",
"id": "CVE-2018-18983"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "7d7d7a12-463f-11e9-90a3-000c29342cb1",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-18-1360",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2018-24486",
"ident": null
},
{
"db": "BID",
"id": "106071",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012626",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201811-916",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2018-18983",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2018-12-04T00:00:00",
"db": "IVD",
"id": "7d7d7a12-463f-11e9-90a3-000c29342cb1",
"ident": null
},
{
"date": "2018-11-26T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1360",
"ident": null
},
{
"date": "2018-12-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-24486",
"ident": null
},
{
"date": "2018-12-05T00:00:00",
"db": "BID",
"id": "106071",
"ident": null
},
{
"date": "2019-02-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012626",
"ident": null
},
{
"date": "2018-11-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-916",
"ident": null
},
{
"date": "2018-11-30T18:29:00.490000",
"db": "NVD",
"id": "CVE-2018-18983",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-11-29T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1360",
"ident": null
},
{
"date": "2018-12-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-24486",
"ident": null
},
{
"date": "2018-12-05T00:00:00",
"db": "BID",
"id": "106071",
"ident": null
},
{
"date": "2019-02-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012626",
"ident": null
},
{
"date": "2018-12-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-916",
"ident": null
},
{
"date": "2024-11-21T03:56:59.023000",
"db": "NVD",
"id": "CVE-2018-18983",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-916"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "INVT Electric VT-Designer Heap Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "7d7d7a12-463f-11e9-90a3-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-24486"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "7d7d7a12-463f-11e9-90a3-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-916"
}
],
"trust": 0.8
}
}
Vulnerability from fkie_nvd
Published
2018-11-30 18:29
Modified
2024-11-21 03:56
Severity ?
Summary
VT-Designer Version 2.1.7.31 is vulnerable by the program populating objects with user supplied input via a file without first checking for validity, allowing attacker supplied input to be written to known memory locations. This may cause the program to crash or allow remote code execution.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | http://www.securityfocus.com/bid/106071 | Third Party Advisory, VDB Entry | |
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-18-333-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106071 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-18-333-01 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| invt | vt-designer | 2.1.7.31 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:invt:vt-designer:2.1.7.31:*:*:*:*:*:*:*",
"matchCriteriaId": "2DD5DF51-E13B-47F0-9B75-9830BD1C2476",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VT-Designer Version 2.1.7.31 is vulnerable by the program populating objects with user supplied input via a file without first checking for validity, allowing attacker supplied input to be written to known memory locations. This may cause the program to crash or allow remote code execution."
},
{
"lang": "es",
"value": "VT-Designer, en su versi\u00f3n 2.1.7.31, es vulnerable a que el programa nutra objetos con entradas proporcionadas por el usuario sin comprobar primero su validez, lo que permite que las entradas proporcionadas por el atacante se escriban en ubicaciones de memoria conocidas. Esto podr\u00eda provocar que el programa se cierre inesperadamente o provoque la ejecuci\u00f3n remota de c\u00f3digo."
}
],
"id": "CVE-2018-18987",
"lastModified": "2024-11-21T03:56:59.507",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-11-30T18:29:00.537",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106071"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-333-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106071"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-333-01"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-11-30 18:29
Modified
2024-11-21 03:56
Severity ?
Summary
VT-Designer Version 2.1.7.31 is vulnerable by the program reading the contents of a file (which is already in memory) into another heap-based buffer, which may cause the program to crash or allow remote code execution.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | http://www.securityfocus.com/bid/106071 | Third Party Advisory, VDB Entry | |
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-18-333-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106071 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-18-333-01 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| invt | vt-designer | 2.1.7.31 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:invt:vt-designer:2.1.7.31:*:*:*:*:*:*:*",
"matchCriteriaId": "2DD5DF51-E13B-47F0-9B75-9830BD1C2476",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VT-Designer Version 2.1.7.31 is vulnerable by the program reading the contents of a file (which is already in memory) into another heap-based buffer, which may cause the program to crash or allow remote code execution."
},
{
"lang": "es",
"value": "VT-Designer, en su versi\u00f3n 2.1.7.31, es vulnerable a que el programa lea el contenido de un archivo (que ya est\u00e1 en la memoria) en otro b\u00fafer basado en memoria din\u00e1mica (heap), lo que podr\u00eda provocar que el programa se cierre inesperadamente o permita la ejecuci\u00f3n remota de c\u00f3digo."
}
],
"id": "CVE-2018-18983",
"lastModified": "2024-11-21T03:56:59.023",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-11-30T18:29:00.490",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106071"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-333-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106071"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-333-01"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}