CVE-2018-13071
Description
The mintToken function of a smart contract implementation for CCindex10 (T10), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
The CCindex10 (T10) Ethereum token has an integer overflow in its mintToken function that allows the contract owner to arbitrarily set any user's balance.
Vulnerability
The mintToken function in the CCindex10 (T10) smart contract (at address 0xab3a93b317def7426c8345538690036cb92a11e6) contains an integer overflow vulnerability. The function uses balanceOf[target] += mintedAmount where both variables are uint types. An overflow can occur when mintedAmount is chosen to be extremely large, causing the addition to wrap around and set the target's balance to an unexpected value. This affects all versions of the contract as seen in the referenced code [1].
Exploitation
The attacker must be the owner of the contract, as the onlyOwner modifier restricts access. The owner can call mintToken with a crafted mintedAmount (e.g., 0x8000000000000000000000000000000000000000000000000000000000000000) to cause an integer overflow. By doing so, the owner can set the balance of any arbitrary user to any value, including zero or a wrapped-around amount (a uint cannot hold a negative number; the sum is reduced modulo 2^256). The operation requires no special network position or user interaction [1].
Impact
A successful exploit allows the owner to arbitrarily control the token balance of any user. This can lead to theft of tokens, manipulation of token supply, or denial of service by zeroing balances. The impact is severe as it compromises the integrity of the token's financial state and undermines trust in the contract [1].
Mitigation
As of the publication date, no official fix or updated contract version has been released. Users are advised to avoid using the CCindex10 (T10) token contract until a patched version is deployed. The contract should be considered high-risk. No workaround exists other than not interacting with the contract [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (1)
Patches (0)
No patches discovered yet.
References (1)
- [1] github.com/VenusADLab/EtherTokens/blob/master/CCindexToken/CCindexToken.md (mitre, x_refsource_MISC)