Summary
JN5 DriveLink is a free program that enables you to configure the AC Motor Drive, 510 Series PC-Link. It supports sleep and fire modes suited to pumps, fans, compressors and HVAC, and the Modbus/BACnet/Metasys N2 communication network protocols.
Description
The vulnerability is caused by a boundary error in the processing of a project file, which can be exploited to cause a buffer overflow when a user opens, for example, a specially crafted .LF5 file. Successful exploitation could allow execution of arbitrary code on the affected machine.
(14c0.12ec): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\Windows\system32\MFC42.DLL -
*** WARNING: Unable to verify checksum for C:\Program Files (x86)\TECO\JN5 DriveLink\L510-DriveLink\L510-DriveLink.exe
*** ERROR: Module load completed but symbols could not be loaded for C:\Program Files (x86)\TECO\JN5 DriveLink\L510-DriveLink\L510-DriveLink.exe
eax=000026a0 ebx=0018f430 ecx=41414141 edx=00000001 esi=0018f408 edi=ffffd961
eip=70735d7e esp=0018f350 ebp=0018f364 iopl=0 nv up ei ng nz na po nc
cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00210282
MFC42!Ordinal2740+0xaa:
70735d7e 8b01 mov eax,dword ptr [ecx] ds:002b:41414141=????????
0:000> !exchain
0018f3e4: 41414141
Invalid exception stack at 41414141
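Added example (not part of the original advisory or the vendor's code): a small Python triage helper that reads debugger output like the log above and reports which registers and exception-chain records hold a repeated filler byte such as 0x41, the sign that file data overwrote stack memory. The function names and the repeated-byte heuristic are assumptions chosen for illustration.

```python
import re

# Debugger output copied from the advisory above (register dump and !exchain).
CRASH_LOG = """\
eax=000026a0 ebx=0018f430 ecx=41414141 edx=00000001 esi=0018f408 edi=ffffd961
eip=70735d7e esp=0018f350 ebp=0018f364 iopl=0 nv up ei ng nz na po nc
MFC42!Ordinal2740+0xaa:
70735d7e 8b01 mov eax,dword ptr [ecx] ds:002b:41414141=????????
0:000> !exchain
0018f3e4: 41414141
Invalid exception stack at 41414141
"""

# 32-bit general-purpose registers as printed by the debugger's register dump.
REG_RE = re.compile(r"\b(e(?:ax|bx|cx|dx|si|di|ip|sp|bp))=([0-9a-f]{8})\b")
# !exchain lines: "<record address>: <handler address>".
SEH_RE = re.compile(r"^([0-9a-f]{8}): ([0-9a-f]{8})\s*$", re.M)
# Register dereferenced by the faulting instruction, e.g. "dword ptr [ecx]".
FAULT_RE = re.compile(r"\[(e[a-z]{2})\]")


def is_filler(value):
    """True when all four bytes are the same printable ASCII byte (e.g. 0x41)."""
    raw = bytes.fromhex(value)
    return len(set(raw)) == 1 and 0x20 <= raw[0] < 0x7F


def triage(log):
    """Summarise which parts of the crash state contain filler data (heuristic)."""
    regs = dict(REG_RE.findall(log))
    fault = FAULT_RE.search(log)
    return {
        "tainted_registers": sorted(r for r, v in regs.items() if is_filler(v)),
        "tainted_seh_records": [a for a, h in SEH_RE.findall(log) if is_filler(h)],
        "faulting_pointer": fault.group(1) if fault else None,
        "eip_tainted": is_filler(regs.get("eip", "00000000")),
    }


if __name__ == "__main__":
    for key, value in triage(CRASH_LOG).items():
        print(f"{key}: {value}")
```

For this log it reports ecx as the faulting pointer holding filler bytes and the exception registration record at 0018f3e4 as overwritten, while eip is still inside MFC42.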