Skip to main content

Levistudiou CVE-2021-43983

HIGH
Stack-based Buffer Overflow (CWE-121)
2021-12-13 ics-cert@hq.dhs.gov
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Dec 13, 2021 - 16:15 nvd
HIGH 7.8

DescriptionNVD

WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to multiple stack-based buffer overflow instances while parsing project files, which may allow an attacker to execute arbitrary code.

AnalysisAI

WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to multiple stack-based buffer overflow instances while parsing project files, which may allow an attacker to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-121. WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to multiple stack-based buffer overflow instances while parsing project files, which may allow an attacker to execute arbitrary code. Affected products include: We-Con Levistudiou.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2016-4533 HIGH
7.8 Jul 12

Heap-based buffer overflow in WECON LeviStudio allows remote attackers to execute arbitrary code via a crafted file. Rat

CVE-2018-10614 HIGH
8.8 Oct 09

An XXE vulnerability in LeviStudioU, Versions 1.8.29 and 1.8.44 can be exploited when the application processes speciall

CVE-2018-10610 HIGH
8.8 Oct 09

An out-of-bounds vulnerability in LeviStudioU, Versions 1.8.29 and 1.8.44 can be exploited when the application processe

CVE-2018-10606 HIGH
8.8 Sep 26

WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple heap-based buffer overflow vulnerabilities that can be exploit

CVE-2018-10602 HIGH
8.8 Sep 26

WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vulnerabilities that can be exploi

CVE-2020-25199 HIGH
7.8 Dec 09

A heap-based buffer overflow vulnerability exists within the WECON LeviStudioU Release Build 2019-09-21 and prior when p

CVE-2019-6541 HIGH
7.8 Feb 13

A memory corruption vulnerability has been identified in WECON LeviStudioU version 1.8.56 and prior, which may allow arb

CVE-2019-6539 HIGH
7.8 Feb 13

Several heap-based buffer overflow vulnerabilities in WECON LeviStudioU version 1.8.56 and prior have been identified, w

CVE-2019-6537 HIGH
7.8 Feb 13

Multiple stack-based buffer overflow vulnerabilities in WECON LeviStudioU version 1.8.56 and prior may be exploited when

CVE-2020-25186 HIGH
7.5 Oct 22

An XXE vulnerability exists within LeviStudioU Release Build 2019-09-21 and prior when processing parameter entities, wh

CVE-2018-7527 MEDIUM
5.3 Apr 26

A buffer overflow can be triggered in LeviStudio HMI Editor, Version 1.10 part of Wecon LeviStudioU 1.8.29, and PI Studi

Share

CVE-2021-43983 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy