CVE-2023-4601

Опубликовано: 18 окт. 2023

Источник: nvd

CVSS3: 8.1

CVSS3: 9.8

EPSS Низкий

Описание

A stack-based buffer overflow vulnerability exists in NI System Configuration that could result in information disclosure and/or arbitrary code execution. Successful exploitation requires that an attacker can provide a specially crafted response. This affects NI System Configuration 2023 Q3 and all previous versions.

Ссылки

https://www.ni.com/en/support/documentation/supplemental/23/stack-based-buffer-overflow-in-ni-system-configuration.html
Mitigation
Vendor Advisory
https://www.ni.com/en/support/documentation/supplemental/23/stack-based-buffer-overflow-in-ni-system-configuration.html
Mitigation
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:ni:system_configuration:*:*:*:*:*:*:*:*

Версия до 2023 (исключая)

cpe:2.3:a:ni:system_configuration:2023:q2:*:*:*:*:*:*

cpe:2.3:a:ni:system_configuration:2023:q3:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 43%

0.00208

Низкий

8.1 High

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-121

CWE-787

Связанные уязвимости

GHSA-9r4m-vc45-52hp

CVSS3: 8.1

github

больше 2 лет назад

EPSS

Процентиль: 43%

0.00208

Низкий

8.1 High

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-121

CWE-787