Advisory Details

June 26th, 2018

Delta Industrial Automation COMMGR AHSIM_5x0 Simulator Stack-based Buffer Overflow Remote Code Execution Vulnerability

ZDI-18-588
ZDI-CAN-5667

CVE ID CVE-2018-10594
CVSS SCORE 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P
AFFECTED VENDORS Delta Industrial Automation
AFFECTED PRODUCTS COMMGR
VULNERABILITY DETAILS


This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation COMMGR. Authentication is not required to exploit this vulnerability.

The specific flaw exists within processing of TCP packets sent to the AHSIM 5x0 Simulator. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of the COMMGR process.

ADDITIONAL DETAILS Delta Industrial Automation has issued an update to correct this vulnerability. More details can be found at:
https://ics-cert.us-cert.gov/advisories/ICSA-18-172-01
DISCLOSURE TIMELINE
  • 2018-02-23 - Vulnerability reported to vendor
  • 2018-06-26 - Coordinated public release of advisory
  • 2018-06-26 - Advisory Updated
CREDIT Anonymous
BACK TO ADVISORIES