cbcvebase.
CVE-2018-17930
published 2018-11-28

CVE-2018-17930: A stack-based buffer overflow vulnerability has been identified in Teledyne DALSA Sherlock Version 7.2.7.4 and prior, which may allow remote code execution.

PriorityP263critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
7.26%
93.6th percentile
A stack-based buffer overflow vulnerability has been identified in Teledyne DALSA Sherlock Version 7.2.7.4 and prior, which may allow remote code execution.

Affected

2 ranges
VendorProductVersion rangeFixed in
ics-certteledyne_dalsa_sherlock
teledynedalsasherlock<= 7.2.7.4

Detection & IOCsextracted from sources · hover to see the quote

  • Vulnerability is a stack-based buffer overflow (CWE-121) in Teledyne DALSA Sherlock Version 7.2.7.4 and prior; detection should focus on anomalous stack memory usage or crash telemetry in the Sherlock machine vision software process.
  • No known public exploits exist and the vulnerability is not remotely exploitable; focus detection on local/interactive user activity and suspicious process behavior on hosts running Sherlock.
  • Attack vector is local with low privilege and requires user interaction (CVSS vector AV:L/AC:L/PR:L/UI:R); monitor for low-privileged local users triggering Sherlock crashes or unexpected code execution.
  • ·Affected versions are Sherlock 7.2.7.4 and prior; version 7.2.7.5 and later are patched. Ensure asset inventory accurately identifies installed Sherlock versions before applying detection logic.
  • ·Exploitation requires low skill level, increasing likelihood of opportunistic attempts even without public exploit code.

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.