CVE-2018-10299
published 2018-04-23


Priority: P2 72 high
CVSS 3.0: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
Exploitation: exploited in the wild (ITW exploit); VulnCheck KEV, initial access
EPSS: 2.78% (84.6th percentile)
An integer overflow in the batchTransfer function of a smart contract implementation for Beauty Ecosystem Coin (BEC), the Ethereum ERC20 token used in the Beauty Chain economic system, allows attackers to accomplish an unauthorized increase of digital assets by providing two _receivers arguments in conjunction with a large _value argument, as exploited in the wild in April 2018, aka the "batchOverflow" issue.

Detection & IOCs (extracted from sources)

  • The batchOverflow attack exploits the batchTransfer function of the BECToken (Beauty Ecosystem Coin) ERC-20 smart contract by supplying exactly two _receivers arguments combined with a large _value argument to trigger an integer overflow, resulting in unauthorized token minting.
  • Detection should focus on transactions targeting the BECToken contract's batchTransfer function where the product of the number of receivers and the _value argument overflows a 256-bit integer, resulting in an abnormally large token balance increase (on the order of 10^58 tokens).
  • Post-factum investigation of exploit transactions can be performed by replaying historical transactions against a patched version of the contract and identifying transactions that behave differently (e.g., succeed on the vulnerable contract but are blocked on the patched one), indicating integer overflow exploitation.
  • The vulnerability is specific to the Beauty Ecosystem Coin (BEC) ERC-20 smart contract's batchTransfer function; other ERC-20 contracts with similar batch transfer patterns using unchecked arithmetic may be analogously vulnerable.
  • IoCs for Ethereum smart contract attacks operate at the level of blockchain state transitions (blocks, transactions, EVM instructions) rather than traditional host/network artifacts, requiring blockchain-aware forensic tooling such as archive nodes with full history.
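The detection and replay bullets above describe two checks: flag batchTransfer calls whose receiver count times _value does not fit in a 256-bit integer, and replay candidate transactions against a checked (SafeMath-style) version of the arithmetic to see which ones diverge. The following is an added Python model of both checks, written for this page; it is not the BEC contract's source. It models the pattern the advisory describes (total = count * value, balance check, credit each receiver) with Python ints standing in for uint256, and the names `evm_mul`, `safe_mul`, `simulate_batch_transfer`, `analyze_call`, the 18-decimal assumption and the 20-receiver cap are assumptions made for the example.

```python
# Added illustration for CVE-2018-10299; not code from the BEC contract or any
# project. It models the batch-transfer arithmetic pattern the advisory
# describes (total = receiver count * value, then a balance check) with
# Python ints standing in for uint256. Function names are hypothetical.

UINT256_MAX = (1 << 256) - 1
TOKEN_DECIMALS = 18   # assumed ERC-20 decimals, used only for the magnitude report
MAX_RECEIVERS = 20    # assumed per-call receiver cap for the model


def evm_mul(a: int, b: int) -> int:
    """Unchecked EVM multiplication: the product wraps modulo 2**256."""
    return (a * b) & UINT256_MAX


def safe_mul(a: int, b: int) -> int:
    """SafeMath-style multiplication: raise where the EVM version would silently wrap."""
    c = evm_mul(a, b)
    if a != 0 and c // a != b:
        raise OverflowError("uint256 multiplication overflow")
    return c


def simulate_batch_transfer(receiver_count: int, value: int,
                            sender_balance: int, checked: bool) -> tuple:
    """Model one batchTransfer call.

    Returns (succeeded, total_debited_from_sender). Each receiver is credited
    `value`, so on success the token supply effectively grows by
    receiver_count * value - total_debited, which is zero unless the multiply wrapped.
    """
    if not 0 < receiver_count <= MAX_RECEIVERS or value <= 0:
        return False, 0
    try:
        total = safe_mul(receiver_count, value) if checked else evm_mul(receiver_count, value)
    except OverflowError:
        return False, 0            # the checked variant reverts here
    if sender_balance < total:
        return False, 0
    return True, total


def analyze_call(receiver_count: int, value: int, sender_balance: int) -> dict:
    """Detection helper for one decoded batchTransfer call.

    Flags calls whose receiver_count * value does not fit in uint256 and reports
    whether the call diverges when replayed against checked arithmetic (succeeds
    unchecked, reverts checked), which is the replay technique described above.
    """
    true_total = receiver_count * value
    ok_vuln, debited = simulate_batch_transfer(receiver_count, value, sender_balance, checked=False)
    ok_fixed, _ = simulate_batch_transfer(receiver_count, value, sender_balance, checked=True)
    created = true_total - debited if ok_vuln else 0
    # Decimal exponent of the per-receiver credit in whole tokens, for comparison
    # with the "order of 10^58 tokens" figure quoted in the detection notes.
    exponent = len(str(value // 10 ** TOKEN_DECIMALS)) - 1 if created else None
    return {
        "overflows": true_total > UINT256_MAX,
        "divergent": ok_vuln and not ok_fixed,
        "wrapped_total": debited if ok_vuln else None,
        "units_created": created,
        "per_receiver_tokens_exponent": exponent,
    }


if __name__ == "__main__":
    # Constructed sample calls: an ordinary three-way payout and the two-receiver
    # wrapping pattern the advisory describes.
    for args in [(3, 100 * 10**18, 1_000 * 10**18), (2, 1 << 255, 10**18)]:
        print(args[:2], analyze_call(*args))
```

In an actual investigation the `receiver_count` and `value` arguments come from decoding the calldata of transactions to the token contract's batchTransfer selector, pulled from an archive node as the last bullet notes; `analyze_call` then gives a per-transaction verdict, and the `divergent` flag is the replay criterion (succeeds on the unchecked contract, blocked on the checked one).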

CVSS provenance

NVD, CVSS v3.0: 7.5 HIGH (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
NVD, CVSS v2.0: 5.0 MEDIUM (AV:N/AC:L/Au:N/C:N/I:P/A:N)
VulnCheck: 7.5 HIGH