Silex Technology SD-330AC and AMC Manager Heap-Based Buffer Overflow Vulnerability Allowing Denial-of-Service

A heap-based buffer overflow vulnerability has been identified in the SD-330AC device and the AMC Manager application, both provided by Silex Technology, Inc. This vulnerability occurs in the packet data processing of 'sx_smpd', where crafted packets can be processed in a way that leads to memory corruption. As a result, this vulnerability can cause a temporary denial-of-service condition on the affected device or application.

Impact

Exploitation of this vulnerability leads to a temporary denial-of-service condition on the affected device.

Remediation

Users are advised to update the SD-330AC firmware to version 1.50 or later, or to update AMC Manager to version 5.1.0 or later. After updating SD-330AC, it is mandatory to set an administrator password before using the product, as the device cannot be operated without one. Additionally, version 5.1.0 or later of AMC Manager must be used, as earlier versions are not compatible.