CVE-2016-3988

moderate-risk

Published 2016-07-03

Multiple stack-based buffer overflows in the NTP time-server interface on Meinberg IMS-LANTIME M3000, IMS-LANTIME M1000, IMS-LANTIME M500, LANTIME M900, LANTIME M600, LANTIME M400, LANTIME M300, LANTIME M200, LANTIME M100, SyncFire 1100, and LCES devices with firmware before 6.20.004 allow remote attackers to obtain sensitive information, modify data, or cause a denial of service via a crafted parameter in a POST request.

Do I need to act?

0.56% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.3/10 High

NETWORK / LOW complexity

Affected Products (12)

Ims-Lantime M3000

Ims-Lantime M500

Lantime M600

Lantime M900

Lces

Ntp Server Firmware

Ims-Lantime M1000

Lantime M100

Lantime M200

Lantime M300

Lantime M400

Syncfire 1100

Affected Vendors

Meinberg

References (2)

Third Party Advisory https://ics-cert.us-cert.gov/advisories/ICSA-16-175-03

/ 100

moderate-risk

Severity 26/34 · High

Exploitability 2/34 · Minimal

Exposure 17/34 · Moderate