CVE-2026-24821
📋 TL;DR
An out-of-bounds read vulnerability in WickedEngine's LUA parser allows attackers to read memory beyond allocated buffers. This affects applications using WickedEngine's LUA modules through version 0.71.727, potentially exposing sensitive data or causing crashes.
💻 Affected Systems
- WickedEngine
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Information disclosure of sensitive memory contents, potential remote code execution through memory corruption chaining, or complete application crash leading to denial of service.
Likely Case
Application instability or crashes, potential information leakage from adjacent memory regions, and denial of service conditions.
If Mitigated
Limited impact with proper memory protections and sandboxing, potentially just application crashes without data exposure.
🎯 Exploit Status
Exploitation requires crafting malicious LUA scripts that trigger the out-of-bounds read condition in the parser.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 0.71.728 or later
Vendor Advisory: https://github.com/turanszkij/WickedEngine/pull/1095
Restart Required: Yes
Instructions:
1. Update WickedEngine to version 0.71.728 or later.
2. Rebuild any applications using WickedEngine.
3. Restart affected services.
🔧 Temporary Workarounds
Disable LUA Scripting
Temporarily disable LUA script parsing in WickedEngine if it is not required
Modify application configuration to disable LUA modules
Input Validation
Implement strict validation of LUA scripts before processing
Add script validation layer before passing to WickedEngine parser
🧯 If You Can't Patch
- Isolate affected systems from untrusted networks
- Implement application sandboxing and memory protection controls
🔍 How to Verify
Check if Vulnerable:
Check WickedEngine version and verify if LUA modules are enabled
Check Version:
Check application dependencies or build configuration for WickedEngine version
Verify Fix Applied:
Confirm WickedEngine version is 0.71.728 or later and test LUA parsing functionality
📡 Detection & Monitoring
Log Indicators:
- Application crashes with memory access violations
- Unexpected LUA parsing errors
- Memory dump patterns in crash logs
Network Indicators:
- Unusual LUA script uploads or transfers to affected systems
SIEM Query:
Search for process crashes with WickedEngine components and memory access violation exceptions