github - ghsa-6f9g-vc76-v447

ghsa-6f9g-vc76-v447

Vulnerability from github

Published

2021-12-14 00:00

Modified

2021-12-16 00:02

Details

WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to multiple stack-based buffer overflow instances while parsing project files, which may allow an attacker to execute arbitrary code.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-43983"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-12-13T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to multiple stack-based buffer overflow instances while parsing project files, which may allow an attacker to execute arbitrary code.",
  "id": "GHSA-6f9g-vc76-v447",
  "modified": "2021-12-16T00:02:43Z",
  "published": "2021-12-14T00:00:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43983"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-343-02"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-034"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-035"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-036"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-037"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-038"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-039"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-040"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-041"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-042"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-043"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-044"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-045"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-046"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-047"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2021-43983 (GCVE-0-2021-43983)

Vulnerability from cvelistv5

Published

2021-12-13 15:48

Modified

2024-09-17 01:26

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-121 - Stack-based Buffer Overflow

Summary

WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to multiple stack-based buffer overflow instances while parsing project files, which may allow an attacker to execute arbitrary code.

References

URL

Tags

	https://www.cisa.gov/uscert/ics/advisories/icsa-21-343-02	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-22-046/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-22-040/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-22-043/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-22-036/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-22-037/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-22-039/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-22-044/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-22-042/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-22-035/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-22-034/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-22-047/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-22-041/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-22-038/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-22-045/	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	WECON	LeviStudioU	Version: All <

Show details on NVD website