CVE-2018-3917
Description
On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process insecurely extracts the fields from the "shard" table of its SQLite database, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. The strcpy call overflows the destination buffer, which has a size of 16 bytes. An attacker can send an arbitrarily long "region" value in order to exploit this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A stack buffer overflow in the Samsung SmartThings Hub's video-core process lets an attacker who sends an HTTP request with a long 'region' value overflow the stack, leading to code execution.
Vulnerability
The Samsung SmartThings Hub STH-ETH-250 running firmware version 0.20.17 contains a stack-based buffer overflow in the video-core process. The vulnerability lies in how the video-core process extracts fields from the shard table of its SQLite database. Specifically, the strcpy call copies an attacker-controlled region value into a destination buffer of only 16 bytes without checking the length. This allows an attacker to overflow the stack [1].
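The unchecked copy described above, next to a length-checked version, as an added example. It is not Samsung's code: the struct, the function names and the sample values are assumptions, and only the 16-byte destination and the "region" field come from the description.

```c
#include <stdio.h>
#include <string.h>

#define REGION_BUF 16   /* destination size given in the CVE description */

/* Hypothetical record; the real video-core layout is not on this page. */
struct shard_row {
    char region[REGION_BUF];
};

/* Unchecked pattern: the copy length is decided by the database value,
 * so any value of 16 bytes or more writes past region[]. */
void load_region_unchecked(struct shard_row *row, const char *db_value)
{
    strcpy(row->region, db_value);
}

/* Checked pattern: look for the terminator within the buffer size first
 * and reject the row (no silent truncation) when the value cannot fit. */
int load_region_checked(struct shard_row *row, const char *db_value)
{
    size_t n = 0;

    if (row == NULL || db_value == NULL)
        return -1;
    while (n < REGION_BUF && db_value[n] != '\0')
        n++;
    if (n == REGION_BUF)
        return -1;                       /* no NUL in 16 bytes: too long */
    memcpy(row->region, db_value, n + 1); /* n + 1 <= 16, includes the NUL */
    return 0;
}

int main(void)
{
    struct shard_row row = { "" };
    /* Constructed sample values, not taken from a real device. */
    const char *samples[] = { "us-east-1", "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" };

    for (size_t i = 0; i < 2; i++)
        printf("%-34s -> %s\n", samples[i],
               load_region_checked(&row, samples[i]) == 0 ? "stored" : "rejected");
    return 0;
}
```

Rejecting the row keeps a truncated region string from being used later as if it were valid.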
Exploitation
An attacker must be able to send HTTP requests to the hub's video-core HTTP server. No authentication is required to trigger the vulnerable code path. The attacker simply sends a crafted HTTP request with an arbitrarily long region parameter in the query string. The server then processes this value, overflowing the stack buffer with attacker-controlled data [1].
Impact
Successful exploitation leads to a stack buffer overflow, which can be leveraged for arbitrary code execution. The CVSSv3 score of 7.5 (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H) indicates a high impact on confidentiality, integrity, and availability, although the attack requires local access (AV:L) and high attack complexity (AC:H) due to the need for precise memory layout knowledge. An attacker can gain full control of the video-core process [1].
Mitigation
Samsung has released a firmware update to address this vulnerability. Users should update their Samsung SmartThings Hub to a firmware version later than 0.20.17. No workarounds are available for this vulnerability. The CVE is not listed in the CISA Known Exploited Vulnerabilities catalog as of August 2018 [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: = 0.20.17
- Samsung/SmartThings Hub STH-ETH-250 v5 Range: Firmware version 0.20.17
Patches
No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
[1] www.talosintelligence.com/vulnerability_reports/TALOS-2018-0581 (mitre, x_refsource_MISC)
News mentions
No linked articles in our index yet.