CVE-2018-17927: Input Validation
First published: Thu Oct 11 2018(Updated: )
In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and prior, multiple out-of-bounds write vulnerabilities may be exploited by processing specially crafted project files lacking user input validation, which may cause the system to write outside the intended buffer area and may allow remote code execution.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Delta Electronics TPEditor | <=1.90 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-17927?
CVE-2018-17927 is a vulnerability in Delta Industrial Automation TPEditor Versions 1.90 and prior that allows for multiple out-of-bounds write exploits.
What is the severity of CVE-2018-17927?
The severity of CVE-2018-17927 is high, with a score of 7.8.
How can CVE-2018-17927 be exploited?
CVE-2018-17927 can be exploited by processing specially crafted project files lacking user input validation.
What is the affected software of CVE-2018-17927?
The affected software of CVE-2018-17927 is Delta Industrial Automation TPEditor versions 1.90 and prior.
How can I fix CVE-2018-17927?
To fix CVE-2018-17927, update to a version of Delta Industrial Automation TPEditor that is newer than 1.90.
- agent/references
- agent/type
- agent/softwarecombine
- agent/severity
- agent/author
- agent/weakness
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/deltaww
- canonical/delta electronics tpeditor
- version/delta electronics tpeditor/1.90