CWE-121
Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
CVE-2023-21610 (GCVE-0-2023-21610)
Vulnerability from cvelistv5 – Published: 2023-01-18 00:00 – Updated: 2025-03-05 19:33
VLAI
Title
Adobe Acrobat Reader Stack-based Buffer Overflow Arbitrary code execution
Summary
Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-121 - Stack-based Buffer Overflow (CWE-121)
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Adobe | Acrobat Reader |
Affected:
unspecified , ≤ 20.005.30418
(custom)
Affected: unspecified , ≤ 22.003.20282 (custom) Affected: unspecified , ≤ 22.003.20281 (custom) Affected: unspecified , ≤ None (custom) |
Date Public
2023-01-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:44:01.456Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21610",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:44:36.752880Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:33:02.449Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30418",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20282",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20281",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-01-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow (CWE-121)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-31T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader Stack-based Buffer Overflow Arbitrary code execution"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-21610",
"datePublished": "2023-01-18T00:00:00.000Z",
"dateReserved": "2022-12-01T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:33:02.449Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21632 (GCVE-0-2023-21632)
Vulnerability from cvelistv5 – Published: 2023-06-06 07:39 – Updated: 2024-08-02 09:44
VLAI
Title
Stack-based Buffer Overflow in Automotive GPU
Summary
Memory corruption in Automotive GPU while querying a gsl memory node.
Severity
8.4 (High)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon |
Affected:
APQ8064AU
Affected: MSM8996AU Affected: QAM8295P Affected: QCA6564A Affected: QCA6564AU Affected: QCA6574A Affected: QCA6574AU Affected: QCA6584AU Affected: QCA6595 Affected: QCA6595AU Affected: QCA6696 Affected: QCA6698AQ Affected: SA6145P Affected: SA6150P Affected: SA6155 Affected: SA6155P Affected: SA8145P Affected: SA8150P Affected: SA8155 Affected: SA8155P Affected: SA8195P Affected: SA8295P Affected: SA8540P Affected: SA9000P Affected: Snapdragon 820 Automotive Platform |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:44:01.939Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Snapdragon Auto"
],
"product": "Snapdragon",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "APQ8064AU"
},
{
"status": "affected",
"version": "MSM8996AU"
},
{
"status": "affected",
"version": "QAM8295P"
},
{
"status": "affected",
"version": "QCA6564A"
},
{
"status": "affected",
"version": "QCA6564AU"
},
{
"status": "affected",
"version": "QCA6574A"
},
{
"status": "affected",
"version": "QCA6574AU"
},
{
"status": "affected",
"version": "QCA6584AU"
},
{
"status": "affected",
"version": "QCA6595"
},
{
"status": "affected",
"version": "QCA6595AU"
},
{
"status": "affected",
"version": "QCA6696"
},
{
"status": "affected",
"version": "QCA6698AQ"
},
{
"status": "affected",
"version": "SA6145P"
},
{
"status": "affected",
"version": "SA6150P"
},
{
"status": "affected",
"version": "SA6155"
},
{
"status": "affected",
"version": "SA6155P"
},
{
"status": "affected",
"version": "SA8145P"
},
{
"status": "affected",
"version": "SA8150P"
},
{
"status": "affected",
"version": "SA8155"
},
{
"status": "affected",
"version": "SA8155P"
},
{
"status": "affected",
"version": "SA8195P"
},
{
"status": "affected",
"version": "SA8295P"
},
{
"status": "affected",
"version": "SA8540P"
},
{
"status": "affected",
"version": "SA9000P"
},
{
"status": "affected",
"version": "Snapdragon 820 Automotive Platform"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Memory corruption in Automotive GPU while querying a gsl memory node."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-12T16:26:51.742Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin"
}
],
"title": "Stack-based Buffer Overflow in Automotive GPU"
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2023-21632",
"datePublished": "2023-06-06T07:39:08.718Z",
"dateReserved": "2022-12-07T02:58:25.864Z",
"dateUpdated": "2024-08-02T09:44:01.939Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21732 (GCVE-0-2023-21732)
Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-02-28 21:15
VLAI
Title
Microsoft ODBC Driver Remote Code Execution Vulnerability
Summary
Microsoft ODBC Driver Remote Code Execution Vulnerability
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
26 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2019 |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2019 (Server Core installation) |
Affected:
10.0.17763.0 , < 10.0.17763.3887
(custom)
|
|
| Microsoft | Windows Server 2022 |
Affected:
10.0.20348.0 , < 10.0.20348.1487
(custom)
|
|
| Microsoft | Windows 10 Version 20H2 |
Affected:
10.0.0 , < 10.0.19042.2486
(custom)
|
|
| Microsoft | Windows 11 version 21H2 |
Affected:
10.0.0 , < 10.0.22000.1455
(custom)
|
|
| Microsoft | Windows 10 Version 21H2 |
Affected:
10.0.19043.0 , < 10.0.19044.2486
(custom)
|
|
| Microsoft | Windows 11 version 22H2 |
Affected:
10.0.22621.0 , < 10.0.22621.1105
(custom)
|
|
| Microsoft | Windows 10 Version 22H2 |
Affected:
10.0.19045.0 , < 10.0.19045.2486
(custom)
|
|
| Microsoft | Windows 10 Version 1507 |
Affected:
10.0.10240.0 , < 10.0.10240.19685
(custom)
|
|
| Microsoft | Windows 10 Version 1607 |
Affected:
10.0.14393.0 , < 10.0.14393.5648
(custom)
|
|
| Microsoft | Windows Server 2016 |
Affected:
10.0.14393.0 , < 10.0.14393.5648
(custom)
|
|
| Microsoft | Windows Server 2016 (Server Core installation) |
Affected:
10.0.14393.0 , < 10.0.14393.5648
(custom)
|
|
| Microsoft | Windows 7 |
Affected:
6.1.0 , < 6.1.7601.26321
(custom)
|
|
| Microsoft | Windows 7 Service Pack 1 |
Affected:
6.1.0 , < 6.1.7601.26321
(custom)
|
|
| Microsoft | Windows 8.1 |
Affected:
6.3.0 , < 6.3.9600.20778
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 |
Affected:
6.0.6003.0 , < 6.0.6003.21872
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 (Server Core installation) |
Affected:
6.0.6003.0 , < 6.0.6003.21872
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 |
Affected:
6.0.6003.0 , < 6.0.6003.21872
(custom)
|
|
| Microsoft | Windows Server 2008 R2 Service Pack 1 |
Affected:
6.1.7601.0 , < 6.1.7601.26321
(custom)
|
|
| Microsoft | Windows Server 2008 R2 Service Pack 1 (Server Core installation) |
Affected:
6.1.7601.0 , < 6.1.7601.26321
(custom)
|
|
| Microsoft | Windows Server 2012 |
Affected:
6.2.9200.0 , < 6.2.9200.24075
(custom)
|
|
| Microsoft | Windows Server 2012 (Server Core installation) |
Affected:
6.2.9200.0 , < 6.2.9200.24075
(custom)
|
|
| Microsoft | Windows Server 2012 R2 |
Affected:
6.3.9600.0 , < 6.3.9600.20778
(custom)
|
|
| Microsoft | Windows Server 2012 R2 (Server Core installation) |
Affected:
6.3.9600.0 , < 6.3.9600.20778
(custom)
|
Date Public
2023-01-10 08:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:51:51.323Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Microsoft ODBC Driver Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21732"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21732",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-28T20:23:48.493329Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-28T21:15:13.576Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.3887",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.20348.1487",
"status": "affected",
"version": "10.0.20348.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems"
],
"product": "Windows 10 Version 20H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19042.2486",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 11 version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22000.1455",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19044.2486",
"status": "affected",
"version": "10.0.19043.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22621.1105",
"status": "affected",
"version": "10.0.22621.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"ARM64-based Systems",
"32-bit Systems"
],
"product": "Windows 10 Version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19045.2486",
"status": "affected",
"version": "10.0.19045.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1507",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.10240.19685",
"status": "affected",
"version": "10.0.10240.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1607",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.5648",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.5648",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.5648",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems"
],
"product": "Windows 7",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26321",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows 7 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26321",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 8.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.20778",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems"
],
"product": "Windows Server 2008 Service Pack 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.21872",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.21872",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 Service Pack 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.21872",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 R2 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26321",
"status": "affected",
"version": "6.1.7601.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26321",
"status": "affected",
"version": "6.1.7601.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.24075",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.24075",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.20778",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.20778",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.3887",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.1487",
"versionStartIncluding": "10.0.20348.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19042.2486",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.1455",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19044.2486",
"versionStartIncluding": "10.0.19043.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.1105",
"versionStartIncluding": "10.0.22621.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.2486",
"versionStartIncluding": "10.0.19045.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.19685",
"versionStartIncluding": "10.0.10240.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.5648",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.5648",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.5648",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x86:*",
"versionEndExcluding": "6.1.7601.26321",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.26321",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "6.3.9600.20778",
"versionStartIncluding": "6.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.0.6003.21872",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.0.6003.21872",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "6.0.6003.21872",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.26321",
"versionStartIncluding": "6.1.7601.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.26321",
"versionStartIncluding": "6.1.7601.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.24075",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.24075",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.20778",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.20778",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft ODBC Driver Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:35:51.617Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft ODBC Driver Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21732"
}
],
"title": "Microsoft ODBC Driver Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21732",
"datePublished": "2023-01-10T00:00:00.000Z",
"dateReserved": "2022-12-13T00:00:00.000Z",
"dateUpdated": "2025-02-28T21:15:13.576Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22226 (GCVE-0-2023-22226)
Vulnerability from cvelistv5 – Published: 2023-02-17 00:00 – Updated: 2025-03-05 19:26
VLAI
Title
Adobe Bridge SVG file Stack-based Buffer Overflow Arbitrary code execution
Summary
Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-121 - Stack-based Buffer Overflow (CWE-121)
Assigner
References
1 reference
Impacted products
Date Public
2023-02-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:59:29.243Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/bridge/apsb23-09.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22226",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:44:20.716194Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:26:50.320Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Bridge",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "12.0.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "13.0.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-02-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow (CWE-121)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-17T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/bridge/apsb23-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Bridge SVG file Stack-based Buffer Overflow Arbitrary code execution "
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-22226",
"datePublished": "2023-02-17T00:00:00.000Z",
"dateReserved": "2022-12-19T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:26:50.320Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22234 (GCVE-0-2023-22234)
Vulnerability from cvelistv5 – Published: 2023-02-17 00:00 – Updated: 2025-03-05 19:25
VLAI
Title
Adobe Premiere Rush PSD file Stack-based Buffer Overflow Arbitrary code execution
Summary
Adobe Premiere Rush version 2.6 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-121 - Stack-based Buffer Overflow (CWE-121)
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Adobe | Premiere Rush |
Affected:
unspecified , ≤ 2.6
(custom)
Affected: unspecified , ≤ None (custom) |
Date Public
2023-02-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:05.429Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/premiere_rush/apsb23-14.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22234",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:44:00.829600Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:25:58.234Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Premiere Rush",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-02-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Premiere Rush version 2.6 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow (CWE-121)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-17T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/premiere_rush/apsb23-14.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Premiere Rush PSD file Stack-based Buffer Overflow Arbitrary code execution "
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-22234",
"datePublished": "2023-02-17T00:00:00.000Z",
"dateReserved": "2022-12-19T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:25:58.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22243 (GCVE-0-2023-22243)
Vulnerability from cvelistv5 – Published: 2023-02-17 00:00 – Updated: 2025-03-05 19:25
VLAI
Title
Adobe Animate SVG file Stack-based Buffer Overflow Arbitrary code execution
Summary
Adobe Animate versions 22.0.8 (and earlier) and 23.0.0 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-121 - Stack-based Buffer Overflow (CWE-121)
Assigner
References
1 reference
Impacted products
Date Public
2023-02-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:04.876Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/animate/apsb23-15.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22243",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:43:48.928309Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:25:44.226Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Animate",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.0.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "23.0.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-02-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Animate versions 22.0.8 (and earlier) and 23.0.0 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow (CWE-121)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-17T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/animate/apsb23-15.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Animate SVG file Stack-based Buffer Overflow Arbitrary code execution"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-22243",
"datePublished": "2023-02-17T00:00:00.000Z",
"dateReserved": "2022-12-19T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:25:44.226Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22363 (GCVE-0-2023-22363)
Vulnerability from cvelistv5 – Published: 2023-07-24 23:09 – Updated: 2024-10-17 13:04
VLAI
Title
Access Zone stack overflow
Summary
A stack-based buffer overflow in the Command Centre Server allows an attacker to cause a denial of service attack via assigning cardholders to an Access Group.
This issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 (MR2)
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-121 - Stack-based buffer overflow
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | Command Centre |
Affected:
vEL8.80 , < 1192
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:06.215Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2023-22363"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22363",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-17T13:01:12.969143Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-17T13:04:52.691Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Command Centre",
"vendor": "Gallagher",
"versions": [
{
"lessThan": "1192",
"status": "affected",
"version": "vEL8.80",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA stack-based buffer overflow in the Command Centre Server allows an attacker to cause a denial of service attack via assigning cardholders to an Access Group.\u003c/span\u003e\n\n\u003cp\u003eThis issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 (MR2)\u003c/p\u003e"
}
],
"value": "\nA stack-based buffer overflow in the Command Centre Server allows an attacker to cause a denial of service attack via assigning cardholders to an Access Group.\n\nThis issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 (MR2)\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based buffer overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-24T23:09:14.127Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2023-22363"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Access Zone stack overflow",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2023-22363",
"datePublished": "2023-07-24T23:09:14.127Z",
"dateReserved": "2023-02-03T20:38:05.254Z",
"dateUpdated": "2024-10-17T13:04:52.691Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-2262 (GCVE-0-2023-2262)
Vulnerability from cvelistv5 – Published: 2023-09-20 15:20 – Updated: 2024-09-25 15:44
VLAI
Title
Rockwell Automation Select Logix Communication Modules Vulnerable to Email Object Buffer Overflow
Summary
A buffer overflow vulnerability exists in the Rockwell Automation select 1756-EN* communication devices. If exploited, a threat actor could potentially leverage this vulnerability to perform a remote code execution. To exploit this vulnerability, a threat actor would have to send a maliciously crafted CIP request to device.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
1 reference
Impacted products
23 products
| Vendor | Product | Version | |
|---|---|---|---|
| Rockwell Automation | 1756-EN2T Series A, B, C |
Affected:
<=5.008 & 5.028
|
|
| Rockwell Automation | 1756-EN2T Series D |
Affected:
<=11.002
|
|
| Rockwell Automation | 1756-EN2TK Series A, B, C |
Affected:
<=5.008 & 5.028
|
|
| Rockwell Automation | 1756-EN2TXT Series A, B, C |
Affected:
<=5.008 & 5.028
|
|
| Rockwell Automation | 1756-EN2TXT Series D |
Affected:
<=11.002
|
|
| Rockwell Automation | 1756-EN2TP Series A |
Affected:
<=11.002
|
|
| Rockwell Automation | 1756-EN2TPK Series A |
Affected:
<=11.002
|
|
| Rockwell Auotmation | 1756-EN2TPXT Series A |
Affected:
<=11.002
|
|
| Rockwell Automation | 1756-EN2TR Series A, B |
Affected:
<=5.008 & 5.028
|
|
| Rockwell Automation | 1756-EN2TR Series C |
Affected:
<=11.002
|
|
| Rockwell Automation | 1756-EN2TRK Series A, B |
Affected:
<=5.008 & 5.028
|
|
| Rockwell Automation | 1756-EN2TRK Series C |
Affected:
<=11.002
|
|
| Rockwell Automation | 1756-EN2TRXT Series A, B |
Affected:
<=5.008 & 5.028
|
|
| Rockwell Automation | 1756-EN2TRXT Series C |
Affected:
<=11.002
|
|
| Rockwell Automation | 1756-EN2F Series A, B |
Affected:
<=5.008 & 5.028
|
|
| Rockwell Automation | 1756-EN2F Series C |
Affected:
<=11.002
|
|
| Rockwell Automation | 1756-EN2FK Series A, B |
Affected:
<=5.008 & 5.028
|
|
| Rockwell Automation | 1756-EN2FK Series C |
Affected:
<=11.002
|
|
| Rockwell Automation | 1756-EN3TR Series A |
Affected:
<=5.008 & 5.028
|
|
| Rockwell Automation | 1756-EN3TR Series B |
Affected:
<=11.003
|
|
| Rockwell Automation | 1756-EN3TRK Series A |
Affected:
<=5.008 & 5.028
|
|
| Rockwell Automation | 1756-EN3TRK Series B |
Affected:
<=11.002
|
|
| rockwellautomation | 1756-en2fk_series_c_firmware |
Affected:
5.008 , ≤ 5.028
(custom)
Affected: 0 , ≤ 11.0002 (custom) cpe:2.3:o:rockwellautomation:1756-en2t_series_a_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en2t_series_b_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en2t_series_c_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en2t_series_d_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en2tk_series_a_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en2tk_series_b_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en2tk_series_c_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en2txt_series_a_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en2txt_series_b_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en2txt_series_c_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en2txt_series_d_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en2tp_series_a_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en2tpk_series_a_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en2tr_series_a_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en2tr_series_b_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en2tr_series_c_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en2trk_series_a_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en2trk_series_b_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en2trk_series_c_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en2trxt_series_a_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en2trxt_series_b_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en2trxt_series_c_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en2f_series_a_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en2f_series_b_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en2f_series_c_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en2fk_series_a_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en2fk_series_b_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en2fk_series_c_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en3tr_series_a_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en3tr_series_b_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en3trk_series_a_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en3trk_series_b_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en2tpxt_series_a_firmware:*:*:*:*:*:*:*:* |
Date Public
2023-09-12 12:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:19:14.686Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140786"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:rockwellautomation:1756-en2t_series_a_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2t_series_b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2t_series_c_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2t_series_d_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2tk_series_a_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2tk_series_b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2tk_series_c_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2txt_series_a_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2txt_series_b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2txt_series_c_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2txt_series_d_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2tp_series_a_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2tpk_series_a_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2tr_series_a_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2tr_series_b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2tr_series_c_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2trk_series_a_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2trk_series_b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2trk_series_c_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2trxt_series_a_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2trxt_series_b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2trxt_series_c_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2f_series_a_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2f_series_b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2f_series_c_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2fk_series_a_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2fk_series_b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2fk_series_c_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en3tr_series_a_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en3tr_series_b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en3trk_series_a_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en3trk_series_b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:1756-en2tpxt_series_a_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "1756-en2fk_series_c_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThanOrEqual": "5.028",
"status": "affected",
"version": "5.008",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.0002",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2262",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T14:39:20.985093Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T15:44:30.367Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "1756-EN2T Series A, B, C",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=5.008 \u0026 5.028"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2T Series D",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=11.002"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2TK Series A, B, C",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=5.008 \u0026 5.028"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2TXT Series A, B, C",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=5.008 \u0026 5.028"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2TXT Series D",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=11.002"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2TP Series A",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=11.002"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2TPK Series A",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=11.002"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2TPXT Series A",
"vendor": "Rockwell Auotmation",
"versions": [
{
"status": "affected",
"version": "\u003c=11.002"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2TR Series A, B",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=5.008 \u0026 5.028"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2TR Series C",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=11.002"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2TRK Series A, B",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=5.008 \u0026 5.028"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2TRK Series C",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=11.002"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2TRXT Series A, B",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=5.008 \u0026 5.028"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2TRXT Series C",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=11.002"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2F Series A, B",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=5.008 \u0026 5.028"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2F Series C",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=11.002"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2FK Series A, B",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=5.008 \u0026 5.028"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2FK Series C",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=11.002"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN3TR Series A",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=5.008 \u0026 5.028"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN3TR Series B",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=11.003"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN3TRK Series A",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=5.008 \u0026 5.028"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN3TRK Series B",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "\u003c=11.002"
}
]
}
],
"datePublic": "2023-09-12T12:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA buffer overflow vulnerability exists in the Rockwell Automation select 1756-EN* communication devices. If exploited, a threat actor could potentially leverage this vulnerability to perform a remote code execution. To exploit this vulnerability, a threat actor would have to send a maliciously crafted CIP request to device.\u003c/span\u003e\n\n\u003c/span\u003e\n\n"
}
],
"value": "\n\n\nA buffer overflow vulnerability exists in the Rockwell Automation select 1756-EN* communication devices. If exploited, a threat actor could potentially leverage this vulnerability to perform a remote code execution. To exploit this vulnerability, a threat actor would have to send a maliciously crafted CIP request to device.\n\n\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-20T15:47:00.968Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140786"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cstrong\u003eUpdate firmware.\u003c/strong\u003e\u0026nbsp;Update EN2* ControlLogix communications modules to mitigated firmware.\u003cbr\u003e\u003cul\u003e\u003cli\u003eRestrict traffic to the SMTP port (25), if not needed.\u003c/li\u003e\u003cli\u003eCustomers using the EN2/EN3 versions 10.x and higher can disable the email object, if not needed. Instructions can be found in the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://literature.rockwellautomation.com/idc/groups/literature/documents/um/enet-um006_-en-p.pdf\"\u003eEtherNet/IP Network Devices User Manual (rockwellautomation.com)\u003c/a\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e, publication ENET-UM006.\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012\"\u003eQA43240 - Recommended Security Guidelines from Rockwell Automation\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e\n\n"
}
],
"value": "Update firmware.\u00a0Update EN2* ControlLogix communications modules to mitigated firmware.\n * Restrict traffic to the SMTP port (25), if not needed.\n * Customers using the EN2/EN3 versions 10.x and higher can disable the email object, if not needed. Instructions can be found in the EtherNet/IP Network Devices User Manual (rockwellautomation.com) https://literature.rockwellautomation.com/idc/groups/literature/documents/um/enet-um006_-en-p.pdf , publication ENET-UM006.\n * QA43240 - Recommended Security Guidelines from Rockwell Automation https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012 \n\n\n\n\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Rockwell Automation Select Logix Communication Modules Vulnerable to Email Object Buffer Overflow",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2023-2262",
"datePublished": "2023-09-20T15:20:23.700Z",
"dateReserved": "2023-04-24T21:35:54.200Z",
"dateUpdated": "2024-09-25T15:44:30.367Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22842 (GCVE-0-2023-22842)
Vulnerability from cvelistv5 – Published: 2023-02-01 17:56 – Updated: 2025-03-26 17:47
VLAI
Title
BIG-IP SIP profile vulnerability
Summary
On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a SIP profile is configured on a Message Routing type virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
1 reference
Impacted products
Date Public
2023-02-01 15:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:20:30.781Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://my.f5.com/manage/s/article/K08182564"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22842",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-26T17:47:42.764431Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-26T17:47:52.262Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"All modules"
],
"product": "BIG-IP",
"vendor": "F5",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "17.0.0",
"versionType": "semver"
},
{
"lessThan": "16.1.3.3",
"status": "affected",
"version": "16.1.0",
"versionType": "semver"
},
{
"lessThan": "15.1.8.1",
"status": "affected",
"version": "15.1.0",
"versionType": "semver"
},
{
"lessThan": "14.1.5.3",
"status": "affected",
"version": "14.1.0",
"versionType": "semver"
},
{
"lessThan": "*",
"status": "affected",
"version": "13.1.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-02-01T15:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a SIP profile is configured on a Message Routing type virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\u003cbr\u003e"
}
],
"value": "On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a SIP profile is configured on a Message Routing type virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-01T17:56:36.634Z",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"url": "https://my.f5.com/manage/s/article/K08182564"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "BIG-IP SIP profile vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2023-22842",
"datePublished": "2023-02-01T17:56:36.634Z",
"dateReserved": "2023-01-13T06:43:37.199Z",
"dateUpdated": "2025-03-26T17:47:52.262Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23569 (GCVE-0-2023-23569)
Vulnerability from cvelistv5 – Published: 2023-05-10 13:16 – Updated: 2025-01-27 18:10
VLAI
Summary
Stack-based buffer overflow for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- escalation of privilege
- CWE-121 - Stack-based buffer overflow
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) Trace Analyzer and Collector software |
Affected:
before version 2021.8.0 published Dec 2022
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:35:33.405Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23569",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:28:44.456245Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:10:56.824Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Trace Analyzer and Collector software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2021.8.0 published Dec 2022"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-121",
"description": "Stack-based buffer overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:16:41.468Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-23569",
"datePublished": "2023-05-10T13:16:41.468Z",
"dateReserved": "2023-02-01T04:00:02.660Z",
"dateUpdated": "2025-01-27T18:10:56.824Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation ID: MIT-10
Phases: Operation, Build and Compilation
Strategy: Environment Hardening
Description:
- Use automatic buffer overflow detection mechanisms that are offered by certain compilers or compiler extensions. Examples include: the Microsoft Visual Studio /GS flag, Fedora/Red Hat FORTIFY_SOURCE GCC flag, StackGuard, and ProPolice, which provide various mechanisms including canary-based detection and range/index checking.
- D3-SFCV (Stack Frame Canary Validation) from D3FEND [REF-1334] discusses canary-based detection in detail.
Mitigation
Phase: Architecture and Design
Description:
- Use an abstraction library to abstract away risky APIs. Not a complete solution.
Mitigation
Phase: Implementation
Description:
- Implement and perform bounds checking on input.
Mitigation
Phase: Implementation
Description:
- Do not use dangerous functions such as gets. Use safer, equivalent functions which check for boundary errors.
Mitigation ID: MIT-11
Phases: Operation, Build and Compilation
Strategy: Environment Hardening
Description:
- Run or compile the software using features or extensions that randomly arrange the positions of a program's executable and libraries in memory. Because this makes the addresses unpredictable, it can prevent an attacker from reliably jumping to exploitable code.
- Examples include Address Space Layout Randomization (ASLR) [REF-58] [REF-60] and Position-Independent Executables (PIE) [REF-64]. Imported modules may be similarly realigned if their default memory addresses conflict with other modules, in a process known as "rebasing" (for Windows) and "prelinking" (for Linux) [REF-1332] using randomly generated addresses. ASLR for libraries cannot be used in conjunction with prelink since it would require relocating the libraries at run-time, defeating the whole purpose of prelinking.
- For more information on these techniques see D3-SAOR (Segment Address Offset Randomization) from D3FEND [REF-1335].
No CAPEC attack patterns related to this CWE.