CVE-2016-3962

high-risk

Published 2016-07-03

Stack-based buffer overflow in the NTP time-server interface on Meinberg IMS-LANTIME M3000, IMS-LANTIME M1000, IMS-LANTIME M500, LANTIME M900, LANTIME M600, LANTIME M400, LANTIME M300, LANTIME M200, LANTIME M100, SyncFire 1100, and LCES devices with firmware before 6.20.004 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via a crafted parameter in a POST request.

Do I need to act?

11.2% chance of exploitation in next 30 days

EPSS score — higher than 89% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

1 public exploit available

40120

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.3/10 High

NETWORK / LOW complexity

Affected Products (12)

Ims-Lantime M3000

Ims-Lantime M500

Lantime M600

Lantime M900

Lces

Ntp Server Firmware

Ims-Lantime M1000

Lantime M100

Lantime M200

Lantime M300

Lantime M400

Syncfire 1100

Affected Vendors

Meinberg

References (4)

Third Party Advisory https://ics-cert.us-cert.gov/advisories/ICSA-16-175-03

https://www.exploit-db.com/exploits/40120/

Third Party Advisory https://ics-cert.us-cert.gov/advisories/ICSA-16-175-03

https://www.exploit-db.com/exploits/40120/

/ 100

high-risk

Severity 26/34 · High

Exploitability 11/34 · Low

Exposure 17/34 · Moderate