← Voltar para CVEs
CVE-2018-10598
N/ADescricao
CNCSoft Version 1.00.83 and prior with ScreenEditor Version 1.00.54 has two out-of-bounds read vulnerabilities could cause the software to crash due to lacking user input validation for processing project files. Which may allow an attacker to gain remote code execution with administrator privileges if exploited.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado8/13/2018
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
deltaww:cncsoftdeltaww:screeneditor
Fraquezas (CWE)
CWE-125CWE-125
Referencias
http://www.securityfocus.com/bid/105032(ics-cert@hq.dhs.gov)
https://ics-cert.us-cert.gov/advisories/ICSA-18-219-01(ics-cert@hq.dhs.gov)
http://www.securityfocus.com/bid/105032(af854a3a-2127-422b-91ae-364da2661108)
https://ics-cert.us-cert.gov/advisories/ICSA-18-219-01(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.