CVE-2018-18957
Published 2018-11-05
CVE-2018-18957: An issue has been found in libIEC61850 v1.3. It is a stack-based buffer overflow in prepareGooseBuffer in goose/goose_publisher.c.
Priority P267 · critical · 9.8 (CVSS 3.0)
AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
EXPLOIT
EPSS: 11.57% (95.5th percentile)
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mz-automation | libiec61850 | — | — |
Detection & IOCs (extracted from sources)
- The overflow is triggered in Ethernet_getInterfaceMACAddress() called from prepareGooseBuffer() when a long interfaceID string is passed; monitor for stack-smashing signals (SIGABRT) originating from goose_publisher_example or any process linked against libiec61850.
- The vulnerable code path is reached when interfaceID is non-NULL; the attacker-controlled string is passed directly to Ethernet_getInterfaceMACAddress without length validation.
- The exploit was tested on Linux 4.15.0-38-generic; stack-smashing protection (__stack_chk_fail) causes an abort rather than silent exploitation on hardened builds, but the DoS condition still applies.
CVSS provenance
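| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |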
No detection rules found.
No writeups or analysis indexed.
Published: 2018-11-05