The software of Mitsubishi Electric’s E1000 E-Designer panel programming system is vulnerable due to buffer overflows in memory. This allows attackers to execute arbitrary code under the authority of the administrator or trigger a service failure.

🗓️ 07 Jun 2018 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 2 Views

Buffer overflows in E1000 E-Designer during config file processing enable arbitrary code.

Reporter	Title	Published	Views	Family All 15
ATTACKERKB	CVE-2017-9636	17 Apr 201814:29	–	attackerkb
CNVD	Mitsubishi Electric Europe B.V. E-Designer Buffer Overflow Vulnerability (CNVD-2017-22836)	3 Aug 201700:00	–	cnvd
CVE	CVE-2017-9636	17 Apr 201814:00	–	cve
Cvelist	CVE-2017-9636	17 Apr 201814:00	–	cvelist
EUVD	EUVD-2017-18567	7 Oct 202500:30	–	euvd
ICS	Mitsubishi Electric Europe B.V. E-Designer	1 Aug 201700:00	–	ics
NVD	CVE-2017-9636	17 Apr 201814:29	–	nvd
OSV	CVE-2017-9636	17 Apr 201814:29	–	osv
Prion	Design/Logic Flaw	17 Apr 201814:29	–	prion
Tenable Nessus	Mitsubishi (CVE-2017-9636) (deprecated)	7 Feb 202200:00	–	nessus

Source	Link
securityfocus	www.securityfocus.com/bid/100097
ics-cert	www.ics-cert.us-cert.gov/advisories/ICSA-17-213-01
securitylab	www.securitylab.ru/news/487659.php
web	www.web.nvd.nist.gov/view/vuln/detail

23 Mar 2021 00:00Current

6.3Medium risk

Vulners AI Score6.3

CVSS 39.8

CVSS 210

EPSS0.03683

Buffer overflow Config file processing E1000 E-Designer Arbitrary code