[Update notice] OnSinView2

Oct. 17, 2023

1.Overview

Multiple vulnerabilities were found in OnSinView2.
This notice describes the vulnerabilities and how to deal with them.
Please confirm the contents and apply the solution described below.

2.Products Affected

Product: OnSinView2
Version: Version 2.0.1 and earlier

3.Description

OnSinView2 contains multiple vulnerabilities listed below.

Vulnerability 1) Improper Restriction of Operations within the Bounds of a Memory Buffer

When a specially crafted project file (KMDF file) is opened in OnSinView2, a block in the project file is accessed without verifying that the number of lines it declares is valid, and memory outside the intended buffer boundaries is read.

CWE ID: CWE-119
CVE ID: CVE-2023-42506
CVSS v3: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Base score: 7.8

Vulnerability 2) Stack-based Buffer Overflow

When a specially crafted project file (KMDF file) is opened in OnSinView2, a stack-based buffer overflow occurs when the file is processed using the number of lines it declares.

CWE ID: CWE-121
CVE ID: CVE-2023-42507
CVSS v3: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Base score: 7.8
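Both defects share one root cause: a line count is read from the file and trusted before it is used to index a buffer. The following C example is added here for illustration and is not code from OnSinView2 or JTEKT; it shows that pattern beside a hardened parser that bounds the declared count both by the destination capacity (the CWE-121 case) and by the bytes actually present (the CWE-119 case). The block layout, the function names (parse_block_unchecked, parse_block_checked, make_sample, run_case) and the constants LINE_SIZE and MAX_LINES are all hypothetical; the real KMDF format is not described in this notice.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical block layout used for illustration only (the real KMDF
 * format is not documented in the advisory):
 *   bytes 0..3 : magic "BLK0"
 *   bytes 4..7 : declared number of line records, little-endian uint32
 *   bytes 8..  : that many records of LINE_SIZE bytes each
 */
#define LINE_SIZE   16
#define MAX_LINES   8
#define HEADER_SIZE 8

typedef struct {
    uint8_t  lines[MAX_LINES][LINE_SIZE];
    uint32_t count;
} block_t;

typedef enum {
    PARSE_OK = 0,
    PARSE_ERR_SHORT_HEADER,
    PARSE_ERR_BAD_MAGIC,
    PARSE_ERR_TOO_MANY_LINES,  /* declared count exceeds the fixed buffer */
    PARSE_ERR_TRUNCATED        /* declared count exceeds the bytes present */
} parse_result_t;

static uint32_t read_le32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Vulnerable pattern: the declared count is trusted. This reproduces the two
 * defect classes in the advisory: records past the end of `buf` are read
 * (CWE-119) and records beyond MAX_LINES are written past the end of the
 * fixed-size stack array (CWE-121). Only call it on well-formed input. */
parse_result_t parse_block_unchecked(const uint8_t *buf, size_t len, block_t *out) {
    uint8_t stack_lines[MAX_LINES][LINE_SIZE];   /* fixed-size stack buffer */
    if (len < HEADER_SIZE) return PARSE_ERR_SHORT_HEADER;
    if (memcmp(buf, "BLK0", 4) != 0) return PARSE_ERR_BAD_MAGIC;
    uint32_t count = read_le32(buf + 4);
    for (uint32_t i = 0; i < count; i++)         /* i is never bounded */
        memcpy(stack_lines[i], buf + HEADER_SIZE + (size_t)i * LINE_SIZE, LINE_SIZE);
    memcpy(out->lines, stack_lines, sizeof stack_lines);
    out->count = count;
    return PARSE_OK;
}

/* Hardened form: the declared count is bounded by both the destination
 * capacity and the input length before any record is touched. */
parse_result_t parse_block_checked(const uint8_t *buf, size_t len, block_t *out) {
    uint8_t stack_lines[MAX_LINES][LINE_SIZE];
    if (len < HEADER_SIZE) return PARSE_ERR_SHORT_HEADER;
    if (memcmp(buf, "BLK0", 4) != 0) return PARSE_ERR_BAD_MAGIC;
    uint32_t count = read_le32(buf + 4);
    if (count > MAX_LINES) return PARSE_ERR_TOO_MANY_LINES;  /* blocks the CWE-121 write */
    /* count <= MAX_LINES here, so the multiplication cannot overflow size_t. */
    if ((size_t)count * LINE_SIZE > len - HEADER_SIZE)
        return PARSE_ERR_TRUNCATED;                            /* blocks the CWE-119 read */
    for (uint32_t i = 0; i < count; i++)
        memcpy(stack_lines[i], buf + HEADER_SIZE + (size_t)i * LINE_SIZE, LINE_SIZE);
    memcpy(out->lines, stack_lines, (size_t)count * LINE_SIZE);
    out->count = count;
    return PARSE_OK;
}

/* Builds a constructed sample block in `buf` (needs HEADER_SIZE +
 * MAX_LINES * LINE_SIZE bytes): the header declares `declared` records but
 * only `provided` (capped at MAX_LINES) are written. Returns bytes written. */
size_t make_sample(uint8_t *buf, uint32_t declared, uint32_t provided) {
    if (provided > MAX_LINES) provided = MAX_LINES;
    memcpy(buf, "BLK0", 4);
    buf[4] = (uint8_t)declared;         buf[5] = (uint8_t)(declared >> 8);
    buf[6] = (uint8_t)(declared >> 16); buf[7] = (uint8_t)(declared >> 24);
    for (uint32_t i = 0; i < provided; i++)
        memset(buf + HEADER_SIZE + (size_t)i * LINE_SIZE, 'A' + (int)i, LINE_SIZE);
    return HEADER_SIZE + (size_t)provided * LINE_SIZE;
}

/* Runs the hardened parser on a constructed sample and returns its verdict;
 * the parsed line count is stored in *count_out when it is non-NULL. */
parse_result_t run_case(uint32_t declared, uint32_t provided, uint32_t *count_out) {
    uint8_t buf[HEADER_SIZE + MAX_LINES * LINE_SIZE];
    block_t blk = {0};
    size_t len = make_sample(buf, declared, provided);
    parse_result_t r = parse_block_checked(buf, len, &blk);
    if (count_out) *count_out = (r == PARSE_OK) ? blk.count : 0;
    return r;
}

int main(void) {
    uint32_t n = 0;
    printf("well-formed, declares 2, has 2 : %d (lines=%u)\n", run_case(2, 2, &n), n);
    printf("declares 1000, has 2 (CWE-121) : %d\n", run_case(1000, 2, NULL));
    printf("declares 4, has 2 (CWE-119)    : %d\n", run_case(4, 2, NULL));
    return 0;
}
```

The order of the two checks matters: bounding the count by MAX_LINES first guarantees that the subsequent multiplication cannot wrap, so a count chosen to overflow the size arithmetic cannot slip past the length check.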

4.Impact

Information disclosure and/or arbitrary code execution may occur by having a user open a specially crafted project file (KMDF file).

5.Solution

Update OnSinView2

The version that contains fixes for these vulnerabilities is as follows.

Version: Version 2.0.2 and later

This version not only addresses these vulnerabilities, but also adds a measure that prevents tampered project files from being opened.
Project files saved with Version 2.0.1 or earlier can be re-saved with Version 2.0.2 or later to enable this tamper-proof feature. Project files saved with Version 2.0.2 or later cannot be opened with Version 2.0.1 or earlier.

The latest version can be downloaded from our website at the following URL.

https://www.electronics.jtekt.co.jp/en/download/iot/

6.Credit

Michael Heinzl reported these vulnerabilities to JPCERT/CC.
JPCERT/CC coordinated with us.