Description
Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in FASTSHIFT X-TRACK (Software/X-Track/USER/App/Utils/lv_img_png/PNGdec/src modules). This vulnerability is associated with program files inflate.C.

This issue affects X-TRACK: through v2.7.
Published: 2026-01-27
Score: 10 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Arbitrary code execution
Action: Immediate Patch
AI Analysis

Impact

This vulnerability is an out-of-bounds write caused by a buffer copy that does not check the size of its input, a classic buffer overflow. It occurs in the PNG decoder path of X‑TRACK (the lv_img_png module, under which the PNGdec sources are vendored), specifically in the inflate.C component that decompresses the image data stream. The CVE title describes the flaw as a heap-based buffer over-read or overflow, so a crafted image can corrupt heap memory and potentially lead to arbitrary code execution or a denial‑of‑service crash. It is catalogued as CWE‑120 (buffer copy without checking size of input) and CWE‑787 (out-of-bounds write).

Affected Systems

The flaw affects all versions of the FASTSHIFT X‑TRACK product up to and including version 2.7. The vulnerable code resides under Software/X-Track/USER/App/Utils/lv_img_png/PNGdec/src in the X‑TRACK source tree.

Risk and Exploitability

The CVSS 4.0 base score is 10.0, the maximum; the vector (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H) rates the flaw as reachable over the network with no privileges or user interaction and with high impact on both the vulnerable and subsequent systems, and its supplemental metrics mark it as automatable. The EPSS score is below 1 %, indicating a low estimated probability of exploitation in the wild, and the issue is not listed in CISA’s KEV catalog; the SSVC decision points on this record likewise show no known exploitation but rate the flaw automatable with total technical impact. The advisory text does not describe the attack path, but an overflow in the PNG inflate stage is triggered by crafted PNG (or raw deflate) input, so exposure depends on whether the application accepts image files from untrusted sources, whether delivered over a network or placed on local storage. Given the maximum severity and the potential for remote code execution, the risk is high wherever a vulnerable version is deployed.

Generated by OpenCVE AI on April 18, 2026 at 02:19 UTC.
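The copy pattern behind CWE-120 and CWE-787, as an added illustration rather than code from X-TRACK or PNGdec: a constructed block format (a 16-bit big-endian declared length followed by the payload, standing in for one decompressed output block) is copied into a fixed-size scanline buffer, once without comparing the declared length against the destination and once with that check. SCANLINE_MAX, the block format and all function names are assumptions for the demonstration; the bytes that would sit after the buffer are modelled inside the same array so the out-of-bounds write stays observable and the demonstration itself remains defined behaviour.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed size of the decoder's fixed scanline buffer (constructed value). */
#define SCANLINE_MAX 64
/* Bytes modelled as living directly after the buffer (e.g. the next heap field). */
#define CANARY_LEN 4
#define CANARY_BYTE 0xA5

/* The scanline buffer and its neighbour share one array so that the unchecked
 * copy below overruns the buffer without leaving the array: the corruption is
 * observable and the demonstration stays within defined behaviour. */
typedef struct {
    uint8_t bytes[SCANLINE_MAX + CANARY_LEN];
} arena_t;

void arena_init(arena_t *a) {
    memset(a->bytes, 0, SCANLINE_MAX);
    memset(a->bytes + SCANLINE_MAX, CANARY_BYTE, CANARY_LEN);
}

/* 1 if the bytes after the scanline buffer are untouched, 0 if clobbered. */
int arena_canary_intact(const arena_t *a) {
    for (size_t i = 0; i < CANARY_LEN; i++)
        if (a->bytes[SCANLINE_MAX + i] != CANARY_BYTE) return 0;
    return 1;
}

/* Constructed block format: 16-bit big-endian payload length, then the payload.
 * Checks only that the declared payload is present in the input, not that it
 * fits the output; that is exactly the check the vulnerable copy lacks. */
static int parse_block_len(const uint8_t *in, size_t in_len, size_t *declared) {
    if (in_len < 2) return -1;
    *declared = ((size_t)in[0] << 8) | in[1];
    if (*declared > in_len - 2) return -1;
    return 0;
}

/* Vulnerable pattern (CWE-120 / CWE-787): the copy length is taken from the
 * input and never compared with the destination size, so a block declaring
 * more than SCANLINE_MAX bytes writes past the scanline buffer. */
int copy_block_unchecked(const uint8_t *in, size_t in_len, arena_t *out) {
    size_t n;
    if (parse_block_len(in, in_len, &n) != 0) return -1;
    memcpy(out->bytes, in + 2, n);            /* n is never bounded by SCANLINE_MAX */
    return (int)n;
}

/* Hardened form: a block that does not fit is rejected, not silently truncated. */
int copy_block_checked(const uint8_t *in, size_t in_len, arena_t *out) {
    size_t n;
    if (parse_block_len(in, in_len, &n) != 0) return -1;
    if (n > SCANLINE_MAX) return -2;          /* would overflow the scanline buffer */
    memcpy(out->bytes, in + 2, n);
    return (int)n;
}

/* Builds a block with payload_len bytes of fill (constructed input); returns total length or 0. */
size_t make_block(uint8_t *buf, size_t buf_len, size_t payload_len, uint8_t fill) {
    if (payload_len > 0xFFFF || buf_len < payload_len + 2) return 0;
    buf[0] = (uint8_t)(payload_len >> 8);
    buf[1] = (uint8_t)(payload_len & 0xFF);
    memset(buf + 2, fill, payload_len);
    return payload_len + 2;
}

/* Oversized block: 1 if the unchecked copy clobbers the neighbour while the
 * checked copy refuses the block and leaves the neighbour intact. */
int demo_oversized(void) {
    uint8_t blk[2 + SCANLINE_MAX + CANARY_LEN];
    size_t len = make_block(blk, sizeof blk, SCANLINE_MAX + CANARY_LEN, 0x41);
    arena_t a, b;
    arena_init(&a);
    arena_init(&b);
    int r_unchecked = copy_block_unchecked(blk, len, &a);
    int r_checked = copy_block_checked(blk, len, &b);
    return r_unchecked == SCANLINE_MAX + CANARY_LEN && !arena_canary_intact(&a)
        && r_checked == -2 && arena_canary_intact(&b);
}

/* Block that exactly fills the buffer: 1 if both copies accept it and nothing is clobbered. */
int demo_fits(void) {
    uint8_t blk[2 + SCANLINE_MAX];
    size_t len = make_block(blk, sizeof blk, SCANLINE_MAX, 0x42);
    arena_t a, b;
    arena_init(&a);
    arena_init(&b);
    return copy_block_unchecked(blk, len, &a) == SCANLINE_MAX && arena_canary_intact(&a)
        && copy_block_checked(blk, len, &b) == SCANLINE_MAX && arena_canary_intact(&b);
}

int main(void) {
    printf("oversized block: unchecked copy corrupts neighbour, checked copy rejects: %s\n",
           demo_oversized() ? "yes" : "no");
    printf("fitting block: both copies accept, neighbour intact: %s\n", demo_fits() ? "yes" : "no");
    return 0;
}
```

In a real decoder the neighbour is whatever the allocator placed after the scanline buffer, which is why the record classifies the impact as heap corruption rather than a clean crash; the fix is the comparison in copy_block_checked, applied wherever an input-derived length drives a copy.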

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to a version newer than 2.7 once the vendor releases a patch
  • Restrict or disable processing of PNG or inflate data from untrusted sources, or otherwise limit the use of the vulnerable decoder
  • Verify that address space layout randomization (ASLR) and data execution prevention (DEP/NX) are enabled where the host platform supports them, to reduce the impact of any memory corruption that is reached

Generated by OpenCVE AI on April 18, 2026 at 02:19 UTC.
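One way to apply the second recommendation, limiting what reaches the vulnerable decoder, as an added example rather than X-TRACK or PNGdec code: an admission check that validates the PNG signature and the IHDR chunk and computes the decoded scanline size before any inflate work starts, so images that exceed the fixed buffers of an embedded decoder are refused up front. MAX_WIDTH, MAX_HEIGHT, MAX_LINE_BYTES, the non-interlaced-only assumption and the function names are assumptions for the example. The gate narrows the attack surface but does not replace the patch: the flaw is in the inflate stage, and a well-formed header says nothing about the deflate stream that follows it.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed limits of a fixed-buffer embedded decoder (constructed values, not X-TRACK's). */
#define MAX_WIDTH      320
#define MAX_HEIGHT     240
#define MAX_LINE_BYTES (1 + MAX_WIDTH * 4)   /* filter byte + RGBA8 at the widest supported width */

enum png_verdict {
    PNG_OK = 0,
    PNG_BAD_SIGNATURE,      /* not a PNG file */
    PNG_BAD_IHDR,           /* IHDR missing, malformed or a combination the spec forbids */
    PNG_UNSUPPORTED_FORMAT, /* valid PNG but a layout this decoder is not built for */
    PNG_TOO_LARGE           /* dimensions or decoded scanline exceed the fixed buffers */
};

static const uint8_t PNG_SIG[8] = {0x89, 'P', 'N', 'G', 0x0D, 0x0A, 0x1A, 0x0A};

static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* Samples per pixel for each PNG colour type; 0 marks an invalid type. */
static unsigned png_channels(uint8_t color_type) {
    switch (color_type) {
    case 0: return 1;   /* greyscale */
    case 2: return 3;   /* truecolour */
    case 3: return 1;   /* indexed (palette) */
    case 4: return 2;   /* greyscale with alpha */
    case 6: return 4;   /* truecolour with alpha */
    default: return 0;
    }
}

/* Validates the signature and IHDR and computes the unfiltered scanline size
 * (filter byte + ceil(width * bits_per_pixel / 8)) so the caller can refuse
 * images the fixed buffers cannot hold before the inflate stage sees any data.
 * The IHDR CRC is left to the decoder; this gate checks only what it needs. */
enum png_verdict png_admit(const uint8_t *buf, size_t len, size_t *line_bytes) {
    if (len < 8 + 8 + 13 + 4 || memcmp(buf, PNG_SIG, 8) != 0) return PNG_BAD_SIGNATURE;
    const uint8_t *chunk = buf + 8;
    if (be32(chunk) != 13 || memcmp(chunk + 4, "IHDR", 4) != 0) return PNG_BAD_IHDR;
    const uint8_t *d = chunk + 8;
    uint32_t width = be32(d), height = be32(d + 4);
    uint8_t depth = d[8], color = d[9], compression = d[10], filter = d[11], interlace = d[12];
    unsigned channels = png_channels(color);

    if (width == 0 || height == 0 || width > 0x7FFFFFFFu || height > 0x7FFFFFFFu) return PNG_BAD_IHDR;
    if (channels == 0 || compression != 0 || filter != 0 || interlace > 1) return PNG_BAD_IHDR;
    if (depth != 1 && depth != 2 && depth != 4 && depth != 8 && depth != 16) return PNG_BAD_IHDR;
    /* Combinations the PNG spec forbids: 16-bit palette, sub-8-bit RGB or alpha images. */
    if ((color == 3 && depth == 16) || ((color == 2 || color == 4 || color == 6) && depth < 8)) return PNG_BAD_IHDR;
    /* Assumption: the decoder is built for non-interlaced images only. */
    if (interlace == 1) return PNG_UNSUPPORTED_FORMAT;

    uint64_t bits = (uint64_t)width * depth * channels;   /* 64-bit so a huge width cannot wrap */
    uint64_t line = 1 + (bits + 7) / 8;
    if (width > MAX_WIDTH || height > MAX_HEIGHT || line > MAX_LINE_BYTES) return PNG_TOO_LARGE;
    *line_bytes = (size_t)line;
    return PNG_OK;
}

/* Writes signature + IHDR (33 bytes, CRC zeroed) into out as constructed test input. */
size_t make_png_header(uint8_t *out, uint32_t w, uint32_t h, uint8_t depth, uint8_t color, uint8_t interlace) {
    memcpy(out, PNG_SIG, 8);
    uint8_t *c = out + 8;
    c[0] = 0; c[1] = 0; c[2] = 0; c[3] = 13;
    memcpy(c + 4, "IHDR", 4);
    uint8_t *d = c + 8;
    d[0] = (uint8_t)(w >> 24); d[1] = (uint8_t)(w >> 16); d[2] = (uint8_t)(w >> 8); d[3] = (uint8_t)w;
    d[4] = (uint8_t)(h >> 24); d[5] = (uint8_t)(h >> 16); d[6] = (uint8_t)(h >> 8); d[7] = (uint8_t)h;
    d[8] = depth; d[9] = color; d[10] = 0; d[11] = 0; d[12] = interlace;
    memset(d + 13, 0, 4);   /* CRC placeholder; not verified by png_admit */
    return 33;
}

/* Verdict for a constructed header with the given IHDR fields. */
int verdict_of(uint32_t w, uint32_t h, uint8_t depth, uint8_t color, uint8_t interlace) {
    uint8_t hdr[33];
    size_t n = make_png_header(hdr, w, h, depth, color, interlace);
    size_t line = 0;
    return (int)png_admit(hdr, n, &line);
}

/* Scanline size the gate computed for an admitted header, 0 if it was rejected. */
size_t scanline_of(uint32_t w, uint32_t h, uint8_t depth, uint8_t color, uint8_t interlace) {
    uint8_t hdr[33];
    size_t n = make_png_header(hdr, w, h, depth, color, interlace);
    size_t line = 0;
    return png_admit(hdr, n, &line) == PNG_OK ? line : 0;
}

int main(void) {
    printf("64x64 RGBA8:         verdict %d, scanline %zu bytes\n", verdict_of(64, 64, 8, 6, 0), scanline_of(64, 64, 8, 6, 0));
    printf("320x240 RGBA16:      verdict %d (too large for the line buffer)\n", verdict_of(320, 240, 16, 6, 0));
    printf("16-bit palette:      verdict %d (spec-forbidden combination)\n", verdict_of(8, 8, 16, 3, 0));
    printf("interlaced RGB8:     verdict %d (unsupported here)\n", verdict_of(8, 8, 8, 2, 1));
    return 0;
}
```

Run the gate on every image that arrives from an untrusted path (downloads, removable storage, user-supplied themes) and hand the bytes to the decoder only on PNG_OK; rejecting by size at the header also bounds the memory the decoder can be asked to commit.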

Advisories

No advisories yet.

History

Tue, 27 Jan 2026 20:30:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Fastshift; Fastshift x-track
Vendors & Products | | Fastshift; Fastshift x-track

Tue, 27 Jan 2026 17:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 27 Jan 2026 09:15:00 +0000

Type | Values Removed | Values Added
Description | | Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in FASTSHIFT X-TRACK (Software/X-Track/USER/App/Utils/lv_img_png/PNGdec/src modules). This vulnerability is associated with program files inflate.C. This issue affects X-TRACK: through v2.7.
Title | | A heap-based buffer over-read or buffer overflow vulnerability in FASTSHIFT/X-TRACK
Weaknesses | | CWE-120; CWE-787
References | |
Metrics | | cvssV4_0: {'score': 10, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:N/AU:Y/R:U/V:C/RE:L/U:Red'}


MITRE

Status: PUBLISHED

Assigner: GovTech CSG

Published:

Updated: 2026-01-27T16:59:03.943Z

Reserved: 2026-01-27T08:59:05.365Z

Link: CVE-2026-24823

Vulnrichment

Updated: 2026-01-27T16:58:59.859Z

NVD

Status : Deferred

Published: 2026-01-27T09:15:53.067

Modified: 2026-04-15T00:35:42.020

Link: CVE-2026-24823

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T02:30:15Z

Weaknesses