CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-3991

An exploitable heap overflow vulnerability exists in the WkbProgramLow function of WibuKey Network server management, version 6.40.2402.500. A specially crafted TCP packet can cause a heap overflow, potentially leading to remote code execution. An attacker can send a malformed TCP packet to trigger this vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.746

EPSS Ranking 98.8%

CVSS Severity

CVSS v3 Score 10.0

CVSS v2 Score 7.5

References

Products affected by CVE-2018-3991

Wibu » Wibukey » Version: 6.40.2402.500

cpe:2.3:a:wibu:wibukey:6.40.2402.500
Microsoft » Windows » Version: N/A

cpe:2.3:o:microsoft:windows:-
Siemens » Simatic Wincc Open Architecture » Version: 3.14

cpe:2.3:o:siemens:simatic_wincc_open_architecture:3.14
Siemens » Simatic Wincc Open Architecture » Version: 3.15

cpe:2.3:o:siemens:simatic_wincc_open_architecture:3.15
Siemens » Simatic Wincc Open Architecture » Version: 3.16

cpe:2.3:o:siemens:simatic_wincc_open_architecture:3.16

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-3991

Products

Pricing

Contact Us