CVE-2018-10598

Summary

CNCSoft Version 1.00.83 and prior with ScreenEditor Version 1.00.54 has two out-of-bounds read vulnerabilities could cause the software to crash due to lacking user input validation for processing project files. Which may allow an attacker to gain remote code execution with administrator privileges if exploited.

Affected Software

VendorProductVersion RangeStatus
ICS-CERTCNCSoft with ScreenEditorCNCSoft Version 1.00.83 and prior with ScreenEditor Version 1.00.54affected

Weaknesses

  • CWE-125: OUT-OF-BOUNDS READ CWE-125

ADP Enrichment

CVE Program Container

Additional References

References