Vulnerability Description
In Eaton ELCSoft versions 2.04.02 and prior, there are multiple cases where specially crafted files could cause a buffer overflow which, in turn, may allow remote execution of arbitrary code.
CVSS Score
5.3
MEDIUM
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Eaton | Elcsoft | < 2.04.02 |
Related Weaknesses (CWE)
References
- http://www.eaton.com/ecm/idcplg?IdcService=GET_FILE&allowInterrupt=1&RevisionSelVendor Advisory
- http://www.securityfocus.com/bid/103301Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-18-065-03Third Party AdvisoryUS Government Resource
- http://www.eaton.com/ecm/idcplg?IdcService=GET_FILE&allowInterrupt=1&RevisionSelVendor Advisory
- http://www.securityfocus.com/bid/103301Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-18-065-03Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2018-7511?
CVE-2018-7511 is a vulnerability with a CVSS score of 5.3 (MEDIUM). In Eaton ELCSoft versions 2.04.02 and prior, there are multiple cases where specially crafted files could cause a buffer overflow which, in turn, may allow remote execution of arbitrary code.
How severe is CVE-2018-7511?
CVE-2018-7511 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-7511?
Check the references section above for vendor advisories and patch information. Affected products include: Eaton Elcsoft.