First published: Thu Aug 23 2018(Updated: )
On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. A strcpy overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long "user" value in order to exploit this vulnerability.
Credit: talos-cna@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Samsung Sth-eth-250 Firmware | =0.20.17 | |
Samsung Sth-eth-250 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-3863 is classified as a critical severity vulnerability due to its potential to cause buffer overflow and allow remote code execution.
To fix CVE-2018-3863, update the Samsung SmartThings Hub STH-ETH-250 firmware to version 0.20.18 or later.
CVE-2018-3863 is a buffer overflow vulnerability caused by improper handling of a user-controlled JSON payload.
CVE-2018-3863 affects Samsung SmartThings Hub devices running firmware version 0.20.17.
An attacker exploiting CVE-2018-3863 can execute arbitrary code on the affected SmartThings Hub by sending a specially crafted HTTP request.