Vulnerabilities > CVE-2018-8865 - Out-of-bounds Write vulnerability in Lantech IDS 2102 Firmware

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

lantech

CWE-787

critical

NVD

Published: 2018-05-04

Updated: 2024-11-21

Summary

In Lantech IDS 2102 2.0 and prior, a stack-based buffer overflow vulnerability has been identified which may allow remote code execution. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Vulnerable Configurations

Part	Description	Count
OS	Lantech Lantech IDS 2102 Firmware -	1
Hardware	Lantech Lantech IDS 2102 *	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

http://www.securityfocus.com/bid/104098
http://www.securityfocus.com/bid/104098
https://ics-cert.us-cert.gov/advisories/ICSA-18-123-01
https://ics-cert.us-cert.gov/advisories/ICSA-18-123-01