Описание
A vulnerability has been found in gmg137 snap7-rs up to 1.142.1. Affected is the function snap7_rs::client::S7Client::as_ct_write of the file /tests/snap7-rs/src/client.rs. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Ссылки
- ExploitIssue TrackingVendor Advisory
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 1.142.1 (включая)
cpe:2.3:a:gmg137:snap7-rs:*:*:*:*:*:*:*:*
EPSS
Процентиль: 15%
0.00049
Низкий
7.3 High
CVSS3
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-119
Связанные уязвимости
CVSS3: 7.3
github
около 2 месяцев назад
A vulnerability has been found in gmg137 snap7-rs up to 1.142.1. Affected is the function snap7_rs::client::S7Client::as_ct_write of the file /tests/snap7-rs/src/client.rs. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
EPSS
Процентиль: 15%
0.00049
Низкий
7.3 High
CVSS3
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-119