Share: Email | Twitter

ID

VDE-2023-059

Published

2023-12-05 08:06 (CET)

Last update

2023-12-05 08:06 (CET)

Vendor(s)

Pilz GmbH & Co. KG

Product(s)

Article No┬░ Product Name Affected Version(s)
PASvisu < 1.14.1
266807, 266812, 266815 PMI v8xx <= 2.0.33992

Summary

The Builder and Viewer components of the product PASvisu are based on the 3rd-party-component Electron. Electron contains several other open-source components which are affected by vulnerabilities. The vulnerabilities may enable an attacker to gain full control over the system. The vulnerabilities can be exploited locally or over the network.

Vulnerabilities



Last Update
Nov. 10, 2023, 9:21 a.m.
Weakness
Out-of-bounds Write (CWE-787)
Summary

Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Last Update
Nov. 10, 2023, 9:21 a.m.
Weakness
Use After Free (CWE-416)
Summary

Use after free in Site Isolation in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

Impact

Displaying of a specially crafted HTML page can lead to heap buffer overflow or heap corruption. In a worst-case scenario, a successful exploitation of the vulnerabilities can lead to execution of arbitrary code using the privileges of the user running the affected software. In the case of the PASvisu Builder, the vulnerability can only be exploited locally.

Solution

Product-specific Countermeasures

  • Install the fixed product version as soon as it is available. Please visit the Pilz eShop
    (https://www.pilz.com/en-INT/eshop) to check for the fixed version.
  • Only use project files from trustworthy sources.
  • Protect project files against modification by unauthorized users.
  • Limit network access to legitimate connections by using a firewall or similar measures. Use
    password protection on the online project.

Reported by

Pilz would like to thank CERT@VDE for coordinating publication.