Stack-based buffer overflow in Circutor SGE-PLC1000/SGE-PLC50 v0.9.2. This vulnerability allows an attacker to remotely exploit memory corruption through the 'read_packet()' function of the TACACSPLUS implementation.
The error occurs in the 'read_packet()' function which is part of the TACACS+ protocol implementation on vulnerable devices. An attacker can remotely send a crafted network packet that causes a stack-based buffer overflow. Due to the lack of authentication requirements, attack complexity, or user interaction, the exploit can be performed over the network by any unauthorized person.
An attacker can remotely trigger memory corruption of the device, potentially leading to complete device takeover (RCE) or unavailability. Effects include both local systems and associated industrial systems (high impact on confidentiality, integrity, and availability).
Apply patches available from the manufacturer according to references. It is recommended to monitor manufacturer communications and the INCIBE-CERT page at: https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-circutor-products-0. Until updates are applied, consider isolating devices from external networks and restricting access to TACACS+ protocol using a firewall.
Circutor SGE-PLC1000 and Circutor SGE-PLC50 with firmware version v0.9.2
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XCircutor Sge Plc1000
HWCircutorwszystkie wersjeCircutor Sge Plc1000 Firmware
OSCircutor0.9.2Circutor Sge Plc50
HWCircutorwszystkie wersjeCircutor Sge Plc50 Firmware
OSCircutor0.9.2
Related vulnerabilities
Stack-based buffer overflow w Circutor SGE-PLC1000/SGE-PLC50 via SetLan
SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly, allowing a remote...
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'showMeterReport()'...
Use of hardcoded cryptographic keys in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The affected firmware contains a...
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'ShowDownload()' funct...