Is CVE-2018-10594 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Ics-cert Delta Industrial Automation Commgr And Accompanying Plc Simulators (Dvpsimulator Eh2, Eh3, Es2, Se, Ss2 Ahsim_5x0, Ahsim_5x1)

CVE-2018-10594

Delta Industrial Automation COMMGR from Delta Electronics versions 1.08 and prior with accompanying PLC Simulators (DVPSimulator EH2, EH3, ES2, SE, SS2 and AHSIM_5x0, AHSIM_5x1) utilize a fixed-length stack buffer where an unverified lengt…

Vulnerability class: Buffer Overflow

EPSS: 0.782 (99.0th percentile) — read the EPSS interpretation.

Affected products

Ics-cert Delta Industrial Automation Commgr And Accompanying Plc Simulators (Dvpsimulator Eh2, Eh3, Es2, Se, Ss2 Ahsim_5x0, Ahsim_5x1) — versions Version 1.08 and prior

Weakness classification (CWE)

CWE-121 — Stack-based Buffer Overflow

Public proof-of-concept exploits

References

104529 (vdb-entry, x_refsource_BID)
44965 (exploit, x_refsource_EXPLOIT-DB)
ics-cert.us-cert.gov/advisories/ICSA-18-172-01 (x_refsource_MISC)
45574 (exploit, x_refsource_EXPLOIT-DB)

Frequently asked questions

What is CVE-2018-10594?: CVE-2018-10594 is a vulnerability in Ics-cert Delta Industrial Automation Commgr And Accompanying Plc Simulators (Dvpsimulator Eh2, Eh3, Es2, Se, Ss2 Ahsim_5x0, Ahsim_5x1), classified under Stack-based Buffer Overflow. Published 2018-06-26.
Is CVE-2018-10594 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.