Parallaxis Cuckoo Clock Buffer Overflow Vulnerability Allowing Arbitrary Code Execution

A buffer overflow vulnerability has been identified in Parallaxis Cuckoo Clock version 5.0. This vulnerability allows attackers to execute arbitrary code by overwriting memory registers through the alarm scheduling feature. By crafting a payload that exceeds 260 bytes, attackers can manipulate the EIP and EBP registers, facilitating the execution of shellcode with potential for remote code execution.

Impact

Exploitation of this vulnerability leads to a stack-based buffer overflow, allowing for arbitrary code execution. The overwritten EIP and EBP registers can be manipulated to execute shellcode, with the possibility of remote code execution.

Reproduction

To reproduce this vulnerability, install and open Parallaxis Cuckoo Clock version 5.0 on a 32-bit Windows system. After opening the application, right-click the app icon in the bottom right corner and select 'Alarms'. Click the 'Add' button to create a new alarm. A Python script can be run at this stage to generate a payload that exploits the buffer overflow. Open the generated 'poc.txt' file, select all, and copy the payload. Then, paste it into the 'New Alarm' textbox under the 'Schedule' section. After pasting the buffer, press the 'Back' button, which will trigger the execution of the shellcode.