CVE-2018-17929
HIGHDelta Industrial Automation TPEditor < 1.90 - Stack-based Buffer Overflow via Crafted Project File
Title source: llmDescription
In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and prior, multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files lacking user input validation before copying data from project files onto the stack and may allow an attacker to remotely execute arbitrary code.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/105682
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-18-284-03
Scores
CVSS v3
7.8
EPSS
0.0050
EPSS Percentile
66.0%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-121
CWE-787
Status
published
Products (1)
deltaww/tpeditor
< 1.90
Published
Oct 11, 2018
Tracked Since
Feb 18, 2026