CVE-2022-27648 - Vulnerability Details - OpenCVE

This vulnerability allows remote attackers to execute arbitrary code on affected installations of KOYO Screen Creator 0.1.1.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SCA2 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14868.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Jtekt	Screen Creator Advance 2

Configuration 1 [-]

OR	cpe:2.3:a:jtekt:screen_creator_advance_2::::::::
	cpe:2.3:a:jtekt:screen_creator_advance_2:0.1.1.4:-::::::
	cpe:2.3:a:jtekt:screen_creator_advance_2:0.1.1.4:build01::::::
	cpe:2.3:a:jtekt:screen_creator_advance_2:0.1.1.4:build01b::::::
	cpe:2.3:a:jtekt:screen_creator_advance_2:0.1.1.4:build02::::::

No data.

References

Link	Providers
https://www.koyoele.co.jp/en/topics/202203154994/
https://www.zerodayinitiative.com/advisories/ZDI-22-543/

History

Tue, 18 Feb 2025 18:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: zdi

Published: 2023-03-29T00:00:00.000Z

Updated: 2025-02-18T17:38:06.606Z

Reserved: 2022-03-22T00:00:00.000Z

Link: CVE-2022-27648

Vulnrichment

Updated: 2024-08-03T05:32:59.945Z

NVD

Status : Modified

Published: 2023-03-29T19:15:08.860

Modified: 2024-11-21T06:56:05.810

Link: CVE-2022-27648

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-27648", "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "dateUpdated": "2025-02-18T17:38:06.606Z", "dateReserved": "2022-03-22T00:00:00.000Z", "datePublished": "2023-03-29T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi", "dateUpdated": "2023-03-29T00:00:00.000Z"}, "descriptions": [{"lang": "en", "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of KOYO Screen Creator 0.1.1.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SCA2 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14868."}], "affected": [{"vendor": "KOYO", "product": "Screen Creator", "versions": [{"version": "0.1.1.1", "status": "affected"}]}], "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-543/"}, {"url": "https://www.koyoele.co.jp/en/topics/202203154994/"}], "credits": [{"lang": "en", "value": "Tran Van Khang - khangkito (VinCSS)"}], "metrics": [{"cvssV3_0": {"version": "3.0", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-121: Stack-based Buffer Overflow", "cweId": "CWE-121"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T05:32:59.945Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-543/", "tags": ["x_transferred"]}, {"url": "https://www.koyoele.co.jp/en/topics/202203154994/", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-18T17:37:59.544555Z", "id": "CVE-2022-27648", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-18T17:38:06.606Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-543/", "tags": ["x_transferred"]}, {"url": "https://www.koyoele.co.jp/en/topics/202203154994/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T05:32:59.945Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-27648", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-18T17:37:59.544555Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-18T17:37:57.313Z"}}], "cna": {"credits": [{"lang": "en", "value": "Tran Van Khang - khangkito (VinCSS)"}], "metrics": [{"cvssV3_0": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "KOYO", "product": "Screen Creator", "versions": [{"status": "affected", "version": "0.1.1.1"}]}], "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-543/"}, {"url": "https://www.koyoele.co.jp/en/topics/202203154994/"}], "descriptions": [{"lang": "en", "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of KOYO Screen Creator 0.1.1.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SCA2 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14868."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-121", "description": "CWE-121: Stack-based Buffer Overflow"}]}], "providerMetadata": {"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi", "dateUpdated": "2023-03-29T00:00:00.000Z"}}}, "cveMetadata": {"cveId": "CVE-2022-27648", "state": "PUBLISHED", "dateUpdated": "2025-02-18T17:38:06.606Z", "dateReserved": "2022-03-22T00:00:00.000Z", "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "datePublished": "2023-03-29T00:00:00.000Z", "assignerShortName": "zdi"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:jtekt:screen_creator_advance_2:*:*:*:*:*:*:*:*", "matchCriteriaId": "4F27CC9E-BD6F-48DA-99C4-ACDBF387105B", "versionEndExcluding": "0.1.1.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:jtekt:screen_creator_advance_2:0.1.1.4:-:*:*:*:*:*:*", "matchCriteriaId": "8DB0C7F8-BCA5-434F-92EA-E3B474580611", "vulnerable": true}, {"criteria": "cpe:2.3:a:jtekt:screen_creator_advance_2:0.1.1.4:build01:*:*:*:*:*:*", "matchCriteriaId": "8925669F-2A1C-440A-A685-1438A5C17BDF", "vulnerable": true}, {"criteria": "cpe:2.3:a:jtekt:screen_creator_advance_2:0.1.1.4:build01b:*:*:*:*:*:*", "matchCriteriaId": "268B5CB1-1C44-4423-9820-9FC671A7F28E", "vulnerable": true}, {"criteria": "cpe:2.3:a:jtekt:screen_creator_advance_2:0.1.1.4:build02:*:*:*:*:*:*", "matchCriteriaId": "CC1958E0-E1CF-4F4A-9828-B7996B168C6E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of KOYO Screen Creator 0.1.1.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SCA2 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14868."}], "id": "CVE-2022-27648", "lastModified": "2024-11-21T06:56:05.810", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-03-29T19:15:08.860", "references": [{"source": "zdi-disclosures@trendmicro.com", "tags": ["Vendor Advisory"], "url": "https://www.koyoele.co.jp/en/topics/202203154994/"}, {"source": "zdi-disclosures@trendmicro.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-543/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.koyoele.co.jp/en/topics/202203154994/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-543/"}], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-121"}], "source": "zdi-disclosures@trendmicro.com", "type": "Secondary"}]}