Heap Overflow Vulnerability in WibuKey Network Server Management (Version 6.40.2402.500) Allows Remote Code Execution

Heap Overflow Vulnerability in WibuKey Network Server Management (Version 6.40.2402.500) Allows Remote Code Execution

CVE-2018-3991 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

An exploitable heap overflow vulnerability exists in the WkbProgramLow function of WibuKey Network server management, version 6.40.2402.500. A specially crafted TCP packet can cause a heap overflow, potentially leading to remote code execution. An attacker can send a malformed TCP packet to trigger this vulnerability.

Learn more about our Cis Benchmark Audit For Server Software.