Share: Email | Twitter

ID

VDE-2023-048

Published

2023-12-05 08:00 (CET)

Last update

2023-11-29 07:53 (CET)

Vendor(s)

Pilz GmbH & Co. KG

Product(s)

Article No° Product Name Affected Version(s)
PASvisu < 1.14.1
PIT Transponder Manager < 1.2.0
266807, 266812, 266815 PMI v8xx <= 2.0.33992

Summary

Several Pilz products use the 3rd-party component “libwebp” for decoding of images in WebP format. This component is affected by a vulnerability, which may enable an attacker to gain full control over the system running the software product. Depending on the affected product, the vulnerabilities can be exploited locally or over the network.


Last Update:

30. August 2024 09:27

Weakness

Out-of-bounds Write  (CWE-787) 

Summary

Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)


Impact

Decoding of a specially crafted image leads to a heap buffer overflow. In a worst-case scenario, a successful exploitation of the vulnerability can lead to execution of arbitrary code using the privileges of the user running the affected software. In case of PIT Transponder Manager and the PASvisu Builder, the vulnerability can only be exploited locally. Depending on the configuration of the PASvisu Runtime, a remote exploitation may be possible.

Solution

General Countermeasures

  • Only use project and image files from trustworthy sources.
  • Protect project and image files against modification by unauthorized users.

Product-specific Countermeasures

  • Install the fixed product version as soon as it is available. Please visit the Pilz eShop
    (https://www.pilz.com/en-INT/eshop) to check for the fixed version.
  • PASvisu Runtime: Limit network access to legitimate connections by using a firewall or similar
    measures. Restrict administrative access by setting up user authentication properly.

Reported by

Pilz would like to thank CERT@VDE for coordinating publication.