Alpha5 Smart Loader Firmware
CVE-2018-14788
MEDIUM
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
Fuji Electric Alpha5 Smart Loader Versions 3.7 and prior. A buffer overflow information disclosure vulnerability occurs when parsing certain file types.
AnalysisAI
Fuji Electric Alpha5 Smart Loader Versions 3.7 and prior. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Buffer Copy without Size Check (CWE-120), which allows attackers to overflow a buffer to corrupt adjacent memory. Fuji Electric Alpha5 Smart Loader Versions 3.7 and prior. A buffer overflow information disclosure vulnerability occurs when parsing certain file types. Affected products include: Fujielectric Alpha5 Smart Loader Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Always validate buffer sizes before copy operations. Use bounded functions (strncpy, snprintf). Enable compiler protections.
More in Alpha5 Smart Loader Firmware
View allFuji Electric Alpha5 Smart Loader Versions 3.7 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remo
The affected product is vulnerable to an out-of-bounds read, which may result in code execution. Rated high severity (CV
The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary co
The affected product is vulnerable to a heap-based buffer overflow, which may lead to code execution. Rated high severit
Multiple buffer overflow issues have been identified in Alpha5 Smart Loader: All versions prior to 4.2. Rated high sever
The affected product is vulnerable to an out-of-bounds read, which may result in disclosure of sensitive information. Ra
The affected product is vulnerable due to an invalid pointer initialization, which may lead to information disclosure. R
Same weakness CWE-120 – Classic Buffer Overflow
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today