Iocharger prior 24120701 stack-based overflow

Summaryinfo

A vulnerability has been found in Iocharger and classified as critical. This vulnerability affects unknown code. The manipulation leads to stack-based overflow. This vulnerability is traded as CVE-2024-43661. It is possible to initiate the attack remotely. There is no exploit available. The affected component should be upgraded.

Detailsinfo

A vulnerability, which was classified as critical, has been found in Iocharger. This issue affects an unknown part. The manipulation with an unknown input leads to a stack-based overflow vulnerability. Using CWE to declare the problem leads to CWE-121. A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). Impacted is availability. The summary by CVE is:

The .so library, which is used by , is vulnerable to a buffer overflow in the code that handles the deletion of certificates. This buffer overflow can be triggered by providing a long file path to the action of the .exe CGI binary or to the .sh CGI script. This binary or script will write this file path to , which is then read by .so This issue affects Iocharger firmware for AC models before version 24120701. Likelihood: Moderate – An attacker will have to find this exploit by either obtaining the binaries involved in this vulnerability, or by trial and error. Furthermore, the attacker will need a (low privilege) account to gain access to the .exe CGI binary or .sh script to trigger the vulnerability, or convince a user with such access send an HTTP request that triggers it. Impact: High – The process, which we assume is responsible for OCPP communication, will keep crashing after performing the exploit. This happens because the buffer overflow causes the process to segfault before is removed. This means that, even though is automatically restarted, it will crash again as soon as it tries to parse the text file. CVSS clarification. The attack can be executed over any network connection the station is listening to and serves the web interface (AV:N), and there are no additional security measure sin place that need to be circumvented (AC:L), the attack does not rely on preconditions (AT:N). The attack does require authentication, but the level of authentication is irrelevant (PR:L), it does not require user interaction (UI:N). The attack leads to reducred availability of the device (VC:N/VI:N/VA:H). THere is not impact on subsequent systems. (SC:N/SI:N/SA:N). Alltough this device is an EV charger handing significant amounts of power, we do not forsee a safety impact. The attack can be automated (AU:Y). Because the DoS condition is written to disk persistantly, it cannot be recovered by the user (R:I).

The weakness was shared by Wilco Van Beijnum as DIVD-2024-00035. The advisory is shared at csirt.divd.nl. The identification of this vulnerability is CVE-2024-43661 since 08/14/2024. The exploitation is known to be easy. The attack may be initiated remotely. Neither technical details nor an exploit are publicly available.

Upgrading to version 24120701 eliminates this vulnerability.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Productinfo

Name

• Iocharger

CPE 2.3info

• 🔍

CPE 2.2info

• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Discussion