CVE-2018-13472
Description
The mint function of a smart contract implementation for CloutToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
CloutToken smart contract's mint function has an integer overflow allowing the owner to arbitrarily set any user's balance.
Vulnerability
The CloutToken Ethereum smart contract contains an integer overflow vulnerability in its mint function because the addition to the recipient's balance has no overflow check. This allows the contract owner to call mint(address _to, uint256 _amount) with an arbitrarily large _amount value that, when added to the existing balance of the _to address, makes the uint256 addition wrap modulo 2^256, so the stored balance ends up at a value of the owner's choosing rather than the expected sum [1][2]. All versions of the CloutToken contract are affected; the reference implementation resides in the CloutToken directory of the BlockChainsSecurity/EtherTokens repository [2].
Exploitation
An attacker must be the owner of the CloutToken contract to exploit this vulnerability since the mint function is typically restricted to the owner role [1]. The owner calls mint with a target address and a crafted _amount such that balance + _amount overflows the uint256 type, enabling the owner to set the balance of an arbitrary user to any value of their choosing. No additional user interaction or special network position is required beyond ownership of the contract.
Impact
A successful exploit allows the contract owner to arbitrarily inflate or deflate the token balance of any Ethereum address. This could be used to mint an excessive number of tokens to a chosen account, effectively stealing tokens from others or manipulating the token supply, leading to loss of funds for other holders and undermining the token's integrity. The CIA impact is primarily on integrity and availability of the token's value.
Mitigation
At the time of disclosure (2018-07-09), no patched version of CloutToken had been released. The defect is avoided by compiling with a Solidity version whose arithmetic is checked by default (^0.8.0, where an overflowing addition reverts) or, on older compilers, by using OpenZeppelin's SafeMath library so that every addition is explicitly checked. Users holding CloutToken should monitor the contract's repository for any official update or consider migrating to a token with a secure implementation [1][2].
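The unchecked addition described in the Vulnerability section, placed beside the SafeMath-style checked form the Mitigation section recommends, as an added example. This is a constructed illustration, not the CloutToken contract's own code from the EtherTokens repository: the contract and library names, the owner/onlyOwner pattern, the totalSupply field and the Transfer event are assumptions; only the mint(address _to, uint256 _amount) signature comes from the CVE text.

```solidity
// SPDX-License-Identifier: MIT
// Added illustration, not the CloutToken contract. Names other than
// mint(address,uint256) are assumptions for this example.
pragma solidity ^0.7.0; // pre-0.8 compiler: arithmetic wraps silently

// Part 1: the pattern the CVE describes. Under a pre-0.8 compiler `+=` on a
// uint256 wraps modulo 2**256 instead of failing, so a mint can leave the
// recipient with a smaller balance than before, and any final value is reachable.
contract UncheckedMintToken {
    address public owner;
    uint256 public totalSupply;
    mapping(address => uint256) public balanceOf;

    event Transfer(address indexed from, address indexed to, uint256 value);

    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }

    constructor() {
        owner = msg.sender;
    }

    // Vulnerable: no check that balanceOf[_to] + _amount >= balanceOf[_to].
    function mint(address _to, uint256 _amount) public onlyOwner {
        balanceOf[_to] += _amount; // wraps on overflow
        totalSupply += _amount;    // wraps on overflow as well
        emit Transfer(address(0), _to, _amount);
    }
}

// Part 2: the classic SafeMath-style check (assumed helper library, written here
// rather than imported so the file is self-contained). Addition on uint256 only
// wraps when the result is smaller than an operand, so `c >= a` detects every case.
library SafeAdd {
    function add(uint256 a, uint256 b) internal pure returns (uint256 c) {
        c = a + b;
        require(c >= a, "SafeAdd: addition overflow");
    }
}

contract CheckedMintToken {
    using SafeAdd for uint256;

    address public owner;
    uint256 public totalSupply;
    mapping(address => uint256) public balanceOf;

    event Transfer(address indexed from, address indexed to, uint256 value);

    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }

    constructor() {
        owner = msg.sender;
    }

    // Hardened: both additions revert instead of wrapping. totalSupply is
    // updated first because it is always >= any single balance, so if it does
    // not overflow, no balance can either; the second check is kept for clarity.
    function mint(address _to, uint256 _amount) public onlyOwner {
        totalSupply = totalSupply.add(_amount);
        balanceOf[_to] = balanceOf[_to].add(_amount);
        emit Transfer(address(0), _to, _amount);
    }
}
```

Under a ^0.8.0 compiler the plain `+=` in the first contract would already revert, which is why the Mitigation section lists that compiler range; the library form makes the same check explicit for older compilers. Either fix only removes the wraparound: the owner can still mint as much as it likes, so a supply cap or a constrained owner key is a separate trust decision. For monitoring, a mint whose resulting balance or totalSupply is lower than the value before the call is the on-chain signature of this class of bug.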
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (1)
Patches (0)
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References (2)
- github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md
- github.com/BlockChainsSecurity/EtherTokens/tree/master/CloutToken
News mentions (0)
No linked articles in our index yet.