Skip to main content

Levistudiou CVE-2018-10606

HIGH
Heap-based Buffer Overflow (CWE-122)
2018-09-26 ics-cert@hq.dhs.gov
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Sep 26, 2018 - 18:29 nvd
HIGH 8.8

DescriptionNVD

WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple heap-based buffer overflow vulnerabilities that can be exploited when the application processes specially crafted project files.

AnalysisAI

WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple heap-based buffer overflow vulnerabilities that can be exploited when the application processes specially crafted project files. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-122. WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple heap-based buffer overflow vulnerabilities that can be exploited when the application processes specially crafted project files. Affected products include: We-Con Levistudiou.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2016-4533 HIGH
7.8 Jul 12

Heap-based buffer overflow in WECON LeviStudio allows remote attackers to execute arbitrary code via a crafted file. Rat

CVE-2018-10614 HIGH
8.8 Oct 09

An XXE vulnerability in LeviStudioU, Versions 1.8.29 and 1.8.44 can be exploited when the application processes speciall

CVE-2018-10610 HIGH
8.8 Oct 09

An out-of-bounds vulnerability in LeviStudioU, Versions 1.8.29 and 1.8.44 can be exploited when the application processe

CVE-2018-10602 HIGH
8.8 Sep 26

WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vulnerabilities that can be exploi

CVE-2021-43983 HIGH
7.8 Dec 13

WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to multiple stack-based buffer overflow instances while p

CVE-2020-25199 HIGH
7.8 Dec 09

A heap-based buffer overflow vulnerability exists within the WECON LeviStudioU Release Build 2019-09-21 and prior when p

CVE-2019-6541 HIGH
7.8 Feb 13

A memory corruption vulnerability has been identified in WECON LeviStudioU version 1.8.56 and prior, which may allow arb

CVE-2019-6539 HIGH
7.8 Feb 13

Several heap-based buffer overflow vulnerabilities in WECON LeviStudioU version 1.8.56 and prior have been identified, w

CVE-2019-6537 HIGH
7.8 Feb 13

Multiple stack-based buffer overflow vulnerabilities in WECON LeviStudioU version 1.8.56 and prior may be exploited when

CVE-2020-25186 HIGH
7.5 Oct 22

An XXE vulnerability exists within LeviStudioU Release Build 2019-09-21 and prior when processing parameter entities, wh

CVE-2018-7527 MEDIUM
5.3 Apr 26

A buffer overflow can be triggered in LeviStudio HMI Editor, Version 1.10 part of Wecon LeviStudioU 1.8.29, and PI Studi

Share

CVE-2018-10606 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy