CVE-2017-11496

CRITICAL

Gemalto Sentinel LDK RTE (HASP SRM 2.10 through Sentinel LDK 7.50) - Remote Code Execution via Malformed ASN.1 Stream


Description

Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to execute arbitrary code via malformed ASN.1 streams in V2C and similar input files.

References (7)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/102906
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/102739

Scores

CVSS v3 9.8
EPSS 0.0476
EPSS Percentile 90.8%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (4)
gemalto/sentinel_ldk_rte 2.10
gemalto/sentinel_ldk_rte 3.0
gemalto/sentinel_ldk_rte 7.1
gemalto/sentinel_ldk_rte 7.50
Published Oct 03, 2017
Tracked Since Feb 18, 2026