CVE-2017-14854
Description
A stack buffer overflow in Orpak SiteOmat CGI components prior to version 6.4.414.122 allows remote unauthenticated attackers to execute arbitrary code.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
A stack-based buffer overflow vulnerability exists in one of the Orpak SiteOmat CGI components [1]. The affected product is SiteOmat software used for fuel station management. All versions prior to 6.4.414.122 are vulnerable to this overflow (CVE-2017-14854) [1]. The specific CGI endpoint and input parameter triggering the overflow are not detailed in the available references.
Exploitation
This vulnerability is remotely exploitable with low skill level required, and public exploits are available [1]. The attacker needs no authentication or user interaction to trigger the overflow via network access to the affected CGI component [1]. The CVSS v3 vector string (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) confirms network-based exploitation with low attack complexity and no privileges required [1].
Impact
Successful exploitation results in arbitrary remote code execution, which could lead to denial-of-service conditions and unauthorized access to view and edit monitoring, configuration, and payment information [1]. The attacker can achieve full compromise of confidentiality, integrity, and availability (CIA) of the affected system, with no scope change [1].
Mitigation
Orpak (acquired by Gilbarco Veeder-Root) released version 6.4.414.122 to address this vulnerability [1]. Users should upgrade to version 6.4.414.122 or later [1]. The advisory notes that version 6.4.414.084 is also affected but does not specify an exact release date for the fix, only that the vulnerability affects versions prior to 2017-09-25 (as per the CVE description). No workarounds have been publicly documented [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Orpak/Orpak SiteOmat CGI (description)
Patches
No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
- www.orpak.com (nvd; Vendor Advisory)
- www.securityfocus.com/bid/108167 (nvd; Third Party Advisory, VDB Entry)
- ics-cert.us-cert.gov/advisories/ICSA-19-122-01 (nvd; Third Party Advisory, US Government Resource)
News mentions
No linked articles in our index yet.