Description
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "control" channel of the Insteon Hub running firmware version 1012. Specially crafted replies received from the PubNub service can cause buffer overflows in a global section, overwriting arbitrary data. To trigger this vulnerability, an attacker must impersonate PubNub and answer an HTTPS GET request. The `strcpy` at [18] overflows the buffer `insteon_pubnub.channel_al`, which has a size of 16 bytes.
References (1)
Technical Description, Third Party Advisory: https://talosintelligence.com/vulnerability_reports/TALOS-2017-0502
Scores
CVSS v3: 8.5
EPSS: 0.0053
EPSS Percentile: 67.1%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
CISA SSVC (Vulnrichment)
Exploitation: none
Automatable: no
Technical Impact: total
Details
CWE: CWE-120
Status: published
Products (1): insteon/hub_firmware 1012
Published: Jan 12, 2023
Tracked Since: Feb 18, 2026