OTPulse
FeedAboutContact

Teledyne DALSA Sherlock

Act Now7.3ICS-CERT ICSA-18-324-01Nov 20, 2018
Attack VectorLocal
Auth RequiredLow
ComplexityLow
User InteractionRequired
Summary

Teledyne DALSA Sherlock versions 7.2.7.4 and earlier contain a buffer overflow vulnerability (CWE-121) that could allow a local attacker with user interaction to execute arbitrary code or crash the application. The vulnerability is not remotely exploitable and requires local access to the machine running Sherlock.

What this means
What could happen
A buffer overflow in Sherlock could allow a local attacker to run arbitrary code on the vision software platform, potentially disrupting image analysis, inspection, or quality control operations that depend on it.
Who's at risk
Machine vision and industrial imaging operations that rely on Teledyne DALSA Sherlock for automated inspection, quality control, or defect detection. This affects organizations in food processing, pharmaceuticals, electronics manufacturing, automotive, and other industries using automated visual inspection systems.
How it could be exploited
An attacker with local access to the machine running Sherlock could exploit a buffer overflow vulnerability by providing specially crafted input or interacting with the application in a way that causes memory corruption. This could lead to arbitrary code execution with the privileges of the Sherlock process.
Prerequisites
  • Local access to the machine running Sherlock
  • User interaction required (local UI interaction)
  • Affected Sherlock version 7.2.7.4 or earlier
Buffer overflow vulnerability (CWE-121)Local code execution possibleUser interaction requiredEPSS score 10.1% (elevated exploit probability)No patch was initially available when advisory was issued
Exploitability
High exploit probability (EPSS 10.1%)
Affected products (1)
ProductAffected VersionsFix Status
Sherlock:≤ 7.2.7.47.2.7.5
Remediation & Mitigation
0/3
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpgrade Sherlock to version 7.2.7.5 or later from Teledyne DALSA's website
Long-term hardening
0/2
HARDENINGRestrict local access to machines running Sherlock and limit who can interact with the application interface
HARDENINGImplement endpoint security controls and monitor for suspicious process execution on vision software systems
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/04b5831d-5f9c-4a85-86b9-edfe27f660af
Teledyne DALSA Sherlock | CVSS 7.3 - OTPulse