exploitDog

CVE-2024-4192

Опубликовано: 30 апр. 2024

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.

Ссылки

https://www.cisa.gov/news-events/ics-advisories/icsa-24-121-01
Third Party Advisory
US Government Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-24-121-01
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:deltaww:cncsoft-g2:*:*:*:*:*:*:*:*

Версия до 2.1.0.4 (исключая)

EPSS

Процентиль: 27%

0.00097

Низкий

7.8 High

CVSS3

Дефекты

CWE-121

Связанные уязвимости

GHSA-2v6f-3vqg-p9wc

CVSS3: 7.8

github

почти 2 года назад

Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.

EPSS

Процентиль: 27%

0.00097

Низкий

7.8 High

CVSS3

Дефекты

CWE-121