VDE-2024-003

Vulnerability from csaf_trumpfsecokg - Published: 2024-01-23 07:00 - Updated: 2025-05-22 13:03
Summary
TRUMPF: Multiple products include a vulnerable version of Notepad++
Notes
Summary: The TRUMPF products that are listed above contain a vulnerable version of Notepad++. This version isbeing installed for support purposes only, so there is no danger of triggering this vulnerability inNotepad++ during normal operations. Nevertheless, TRUMPF recommends mitigation of thisvulnerability.When editing a specially crafted file containing UTF-8 characters in Notepad++ (Versions up to 8.5.6) and converting that file to UTF-16, a buffer overflow vulnerability can be exploited that allows an attacker to execute arbitrary code to take over the whole system.
Impact: A user who's editing and converting a specially crafted file using the vulnerable Notepad++ version inthe TRUMPF product listed above can allow an attacker to execute code on the local server. This canimpact confidentiality, integrity and availability of information on the affected system.
Mitigation: For additional questions please contact your TRUMPF Service with the PR number 501709.
Remediation: Please download the replacement tool [here](https://trumpf.sharepoint.com/sites/SCC%20Software%20Download%20Portal/Shared%20Documents/Forms/AllItems.aspx?id=%2Fsites%2FSCC%20Software%20Download%20Portal%2FShared%20Documents%2FOutgoing%2DFiles%2FSecurity%2FReplaceTools%5FPR501709&p=true&fromShare=true&ga=1).
CVE-2023-40166

Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer read overflow in 'FileManager::detectLanguageFromTextBegining '. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. As of time of publication, no known patches are available in existing versions of Notepad++.

5.5 (Medium)
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Mitigation For additional questions please contact your TRUMPF Service with the PR number 501709.
Vendor Fix Please download the replacement tool [here](https://trumpf.sharepoint.com/sites/SCC%20Software%20Download%20Portal/Shared%20Documents/Forms/AllItems.aspx?id=%2Fsites%2FSCC%20Software%20Download%20Portal%2FShared%20Documents%2FOutgoing%2DFiles%2FSecurity%2FReplaceTools%5FPR501709&p=true&fromShare=true&ga=1).
CVE-2023-40164

Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in 'nsCodingStateMachine::NextStater'. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. As of time of publication, no known patches are available in existing versions of Notepad++.

5.5 (Medium)
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Mitigation For additional questions please contact your TRUMPF Service with the PR number 501709.
Vendor Fix Please download the replacement tool [here](https://trumpf.sharepoint.com/sites/SCC%20Software%20Download%20Portal/Shared%20Documents/Forms/AllItems.aspx?id=%2Fsites%2FSCC%20Software%20Download%20Portal%2FShared%20Documents%2FOutgoing%2DFiles%2FSecurity%2FReplaceTools%5FPR501709&p=true&fromShare=true&ga=1).
CVE-2023-40036

Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in 'CharDistributionAnalysis::HandleOneChar'. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. As of time of publication, no known patches are available in existing versions of Notepad++.

5.5 (Medium)
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Mitigation For additional questions please contact your TRUMPF Service with the PR number 501709.
Vendor Fix Please download the replacement tool [here](https://trumpf.sharepoint.com/sites/SCC%20Software%20Download%20Portal/Shared%20Documents/Forms/AllItems.aspx?id=%2Fsites%2FSCC%20Software%20Download%20Portal%2FShared%20Documents%2FOutgoing%2DFiles%2FSecurity%2FReplaceTools%5FPR501709&p=true&fromShare=true&ga=1).
CVE-2023-40031

Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer write overflow in 'Utf8_16_Read::convert'. This issue may lead to arbitrary code execution. As of time of publication, no known patches are available in existing versions of Notepad++.

7.8 (High)
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Mitigation For additional questions please contact your TRUMPF Service with the PR number 501709.
Vendor Fix Please download the replacement tool [here](https://trumpf.sharepoint.com/sites/SCC%20Software%20Download%20Portal/Shared%20Documents/Forms/AllItems.aspx?id=%2Fsites%2FSCC%20Software%20Download%20Portal%2FShared%20Documents%2FOutgoing%2DFiles%2FSecurity%2FReplaceTools%5FPR501709&p=true&fromShare=true&ga=1).
References
Acknowledgments
CERT@VDE certvde.com
To clipboard 

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination",
        "urls": [
          "https://certvde.com"
        ]
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-GB",
    "notes": [
      {
        "category": "summary",
        "text": "The TRUMPF products that are listed above contain a vulnerable version of Notepad++. This version isbeing installed for support purposes only, so there is no danger of triggering this vulnerability inNotepad++ during normal operations. Nevertheless, TRUMPF recommends mitigation of thisvulnerability.When editing a specially crafted file containing UTF-8 characters in Notepad++ (Versions up to 8.5.6)\u00a0and converting that file to UTF-16, a buffer overflow vulnerability can be exploited that allows an attacker to execute arbitrary code to take over the whole system.",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "A user who\u0027s editing and converting a specially crafted file using the vulnerable Notepad++ version inthe TRUMPF product listed above can allow an attacker to execute code on the local server. This canimpact confidentiality, integrity and availability of information on the affected system.",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "For additional questions please contact your TRUMPF Service with the PR number 501709.",
        "title": "Mitigation"
      },
      {
        "category": "description",
        "text": "Please download the replacement tool [here](https://trumpf.sharepoint.com/sites/SCC%20Software%20Download%20Portal/Shared%20Documents/Forms/AllItems.aspx?id=%2Fsites%2FSCC%20Software%20Download%20Portal%2FShared%20Documents%2FOutgoing%2DFiles%2FSecurity%2FReplaceTools%5FPR501709\u0026p=true\u0026fromShare=true\u0026ga=1).",
        "title": "Remediation"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "product.security@trumpf.com",
      "name": "Trumpf SE + Co. KG",
      "namespace": "https://www.trumpf.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "VDE-2024-003: TRUMPF: Multiple products include a vulnerable version of Notepad++ - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2024-003/"
      },
      {
        "category": "self",
        "summary": "VDE-2024-003: TRUMPF: Multiple products include a vulnerable version of Notepad++ - CSAF",
        "url": "https://trumpf.csaf-tp.certvde.com/.well-known/csaf/white/2024/vde-2024-003.json"
      },
      {
        "category": "external",
        "summary": "CERT@VDE Security Advisories for Trumpf SE + Co. KG",
        "url": "https://certvde.com/en/advisories/vendor/trumpf/"
      }
    ],
    "title": "TRUMPF: Multiple products include a vulnerable version of Notepad++",
    "tracking": {
      "aliases": [
        "VDE-2024-003"
      ],
      "current_release_date": "2025-05-22T13:03:10.000Z",
      "generator": {
        "date": "2025-05-05T08:28:50.971Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.24"
        }
      },
      "id": "VDE-2024-003",
      "initial_release_date": "2024-01-23T07:00:00.000Z",
      "revision_history": [
        {
          "date": "2024-01-23T07:00:00.000Z",
          "number": "1",
          "summary": "Initial revision."
        },
        {
          "date": "2025-05-22T13:03:10.000Z",
          "number": "2",
          "summary": "Fix: quotation mark"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "\u003c=V3.0.24",
                    "product": {
                      "name": "Oseon \u003c=V3.0.24",
                      "product_id": "CSAFPID-51001"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oseon"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "\u003c=V22.7",
                    "product": {
                      "name": "TruTops Fab (Storage) \u003c=V22.7",
                      "product_id": "CSAFPID-51002"
                    }
                  }
                ],
                "category": "product_name",
                "name": "TruTops Fab (Storage)"
              }
            ],
            "category": "product_family",
            "name": "Software"
          }
        ],
        "category": "vendor",
        "name": "Trumpf"
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-0001",
        "product_ids": [
          "CSAFPID-51001",
          "CSAFPID-51002"
        ],
        "summary": "Affected products."
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-40166",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "description",
          "text": "Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer read overflow in \u0027FileManager::detectLanguageFromTextBegining \u0027. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. As of time of publication, no known patches are available in existing versions of Notepad++.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-51001",
          "CSAFPID-51002"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "For additional questions please contact your TRUMPF Service with the PR number 501709.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Please download the replacement tool [here](https://trumpf.sharepoint.com/sites/SCC%20Software%20Download%20Portal/Shared%20Documents/Forms/AllItems.aspx?id=%2Fsites%2FSCC%20Software%20Download%20Portal%2FShared%20Documents%2FOutgoing%2DFiles%2FSecurity%2FReplaceTools%5FPR501709\u0026p=true\u0026fromShare=true\u0026ga=1).",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 5.5,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 5.5,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-51001",
            "CSAFPID-51002"
          ]
        }
      ],
      "title": "CVE-2023-40166"
    },
    {
      "cve": "CVE-2023-40164",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "description",
          "text": "Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in \u0027nsCodingStateMachine::NextStater\u0027. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. As of time of publication, no known patches are available in existing versions of Notepad++.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-51001",
          "CSAFPID-51002"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "For additional questions please contact your TRUMPF Service with the PR number 501709.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Please download the replacement tool [here](https://trumpf.sharepoint.com/sites/SCC%20Software%20Download%20Portal/Shared%20Documents/Forms/AllItems.aspx?id=%2Fsites%2FSCC%20Software%20Download%20Portal%2FShared%20Documents%2FOutgoing%2DFiles%2FSecurity%2FReplaceTools%5FPR501709\u0026p=true\u0026fromShare=true\u0026ga=1).",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 5.5,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 5.5,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-51001",
            "CSAFPID-51002"
          ]
        }
      ],
      "title": "CVE-2023-40164"
    },
    {
      "cve": "CVE-2023-40036",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "description",
          "text": "Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in \u0027CharDistributionAnalysis::HandleOneChar\u0027. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. As of time of publication, no known patches are available in existing versions of Notepad++.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-51001",
          "CSAFPID-51002"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "For additional questions please contact your TRUMPF Service with the PR number 501709.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Please download the replacement tool [here](https://trumpf.sharepoint.com/sites/SCC%20Software%20Download%20Portal/Shared%20Documents/Forms/AllItems.aspx?id=%2Fsites%2FSCC%20Software%20Download%20Portal%2FShared%20Documents%2FOutgoing%2DFiles%2FSecurity%2FReplaceTools%5FPR501709\u0026p=true\u0026fromShare=true\u0026ga=1).",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 5.5,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 5.5,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-51001",
            "CSAFPID-51002"
          ]
        }
      ],
      "title": "CVE-2023-40036"
    },
    {
      "cve": "CVE-2023-40031",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "description",
          "text": "Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer write overflow in \u0027Utf8_16_Read::convert\u0027. This issue may lead to arbitrary code execution. As of time of publication, no known patches are available in existing versions of Notepad++.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-51001",
          "CSAFPID-51002"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "For additional questions please contact your TRUMPF Service with the PR number 501709.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Please download the replacement tool [here](https://trumpf.sharepoint.com/sites/SCC%20Software%20Download%20Portal/Shared%20Documents/Forms/AllItems.aspx?id=%2Fsites%2FSCC%20Software%20Download%20Portal%2FShared%20Documents%2FOutgoing%2DFiles%2FSecurity%2FReplaceTools%5FPR501709\u0026p=true\u0026fromShare=true\u0026ga=1).",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 7.8,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.8,
            "temporalSeverity": "HIGH",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-51001",
            "CSAFPID-51002"
          ]
        }
      ],
      "title": "CVE-2023-40031"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.