exploitDog

CVE-2021-23157

Опубликовано: 14 янв. 2022

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Низкий

Описание

WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code.

Ссылки

https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-03
Third Party Advisory
US Government Resource
https://www.zerodayinitiative.com/advisories/ZDI-22-130/
Third Party Advisory
VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-22-132/
Third Party Advisory
VDB Entry
https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-03
Third Party Advisory
US Government Resource
https://www.zerodayinitiative.com/advisories/ZDI-22-130/
Third Party Advisory
VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-22-132/
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:we-con:levistudiou:*:*:*:*:*:*:*:*

Версия до 2019-09-21 (включая)

EPSS

Процентиль: 68%

0.00572

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-122

CWE-787

Связанные уязвимости

GHSA-mv25-j7gj-c8p5

github

около 4 лет назад

WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code.

BDU:2022-05812

CVSS3: 8.8

fstec

больше 4 лет назад

Уязвимость программного обеспечения для программирования человеко-машинного интерфейса WECON LeviStudioU, нарушителю выполнить произвольный код

EPSS

Процентиль: 68%

0.00572

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-122

CWE-787