PT-2017-13014 · Unisys · Fs601+3

Published

2017-09-29

Updated

2017-10-10

CVE-2017-13684

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Unisys Libra 64xx and 84xx and FS601 class systems with MCP-FIRMWARE versions prior to 43.211

Description The issue is related to incorrect literal handling, which can trigger CPM stack corruption. This can cause a denial of service, resulting in a program crash, and may have other unspecified impacts. The issue can be exploited by remote authenticated users.

Recommendations For Unisys Libra 64xx and 84xx and FS601 class systems with MCP-FIRMWARE versions prior to 43.211, update the MCP-FIRMWARE to version 43.211 or later to resolve the issue.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2017-13684

Affected Products

Fs601

Scp-Firmware

Unisys Libra 64Xx

Unisys Libra 84Xx

PT-2017-13014 · Unisys · Fs601+3

CVE-2017-13684

Weakness Enumeration

Related Identifiers

Affected Products

References · 3