Описание
A buffer overflow issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. When a message is sent to the HMI TCP socket, it is forwarded to the hmiProcessMsg function through the pendingQ, and may lead to remote code execution.
Ссылки
- Third Party Advisory
- Product
- Broken Link
- Third Party Advisory
- Product
- Broken Link
Уязвимые конфигурации
Конфигурация 1Версия до 7.2.5.7 (исключая)
Одновременно
cpe:2.3:o:swisslog-healthcare:hmi-3_control_panel_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:swisslog-healthcare:hmi-3_control_panel:-:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04996
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-120
Связанные уязвимости
github
больше 3 лет назад
A buffer overflow issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. When a message is sent to the HMI TCP socket, it is forwarded to the hmiProcessMsg function through the pendingQ, and may lead to remote code execution.
EPSS
Процентиль: 89%
0.04996
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-120