An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Unauthenticated memory corruption can occur during XML body parsing.
The vulnerability (CWE-119 – Improper Restriction of Operations within the Bounds of a Memory Buffer) occurs in the XML content parsing module. An attacker can send a specially crafted request containing malicious XML payload without any authentication. Improper handling of input data leads to write or read operations outside the boundaries of the allocated memory buffer, which may result in taking control of the program execution flow.
Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code remotely (RCE) on the device, as well as compromise the confidentiality, integrity, and availability of the system – corresponding to maximum component scores in the CVSS vector.
Patches available from the manufacturer should be applied in accordance with the references (https://www.elspec-ltd.com/support/security-advisories/). Until updates are deployed, it is recommended to restrict network access to the device through a firewall or OT/ICS network segmentation and prevent direct access from untrusted networks.
Elspec G5 Digital Fault Recorder (G5Dfr) – firmware versions 1.1.4.15 and earlier.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HElspec Ltd G5dfr
HWElspec-Ltdwszystkie wersjeElspec Ltd G5dfr Firmware
OSElspec-Ltd< 1.2.1.12
Related vulnerabilities
Nieuwierzytelniona korupcja pamięci w Elspec G5 Digital Fault Recorder
An XML External Entity (XXE) vulnerability in Elspec Engineering G5 Digital Fault Recorder Firmware v1.2.1.12 ...
An issue was discovered in Elspec G5 digital fault recorder version 1.2.1.12 and earlier. An XML External Enti...
Elspec Engineering G5 Digital Fault Recorder Firmware v1.2.1.12 was discovered to contain a buffer overflow.
An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Directory traversal ...