Description
CNCSoft-B Versions 1.0.0.3 and prior is vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code.
References
https://us-cert.cisa.gov/ics/advisories/icsa-21-110-05
Third Party AdvisoryUS Government Resource
https://www.zerodayinitiative.com/advisories/ZDI-21-445/
Third Party AdvisoryVDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-21-446/
Third Party AdvisoryVDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-21-509/
Third Party AdvisoryVDB Entry
CVSS impact metrics
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 · High
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Analyzed
Published
2021-04-27T13:15:08.287
4 years agoLast modified
2021-05-07T16:13:54.473
4 years ago