
Stack-based Buffer Overflow

memory HIGH

A stack-based buffer overflow occurs when a program writes more data to a buffer located on the stack than it was allocated to hold.

How It Works

The stack stores local variables, function parameters, and critical control information including the return address that tells the CPU where to resume execution after a function completes. When an attacker overflows a buffer, they can overwrite adjacent memory, including this return address.

The classic exploitation path involves carefully crafting input to overwrite the return address with a pointer to attacker-controlled code. Historically, attackers would inject shellcode directly into the overflowed buffer, then redirect execution to it. Modern defenses like Data Execution Prevention (DEP/NX) mark the stack as non-executable, forcing attackers to use Return-Oriented Programming (ROP) instead—chaining together existing code snippets ("gadgets") to perform malicious operations without injecting new code.

Address Space Layout Randomization (ASLR) randomizes memory addresses to make exploitation harder, but attackers can defeat it through information disclosure vulnerabilities that leak memory addresses. Stack canaries—random values placed between buffers and control data—can detect overwrites, but may be bypassed through brute-force attacks or by carefully avoiding them in partial overwrites.

Impact

  • Arbitrary code execution at the privilege level of the vulnerable process
  • Complete system compromise if the vulnerable process runs with elevated privileges (root/SYSTEM)
  • Memory corruption leading to crashes and denial of service
  • Bypass of authentication mechanisms by redirecting execution flow around security checks
  • Data theft or modification through code injection that accesses sensitive memory regions

Real-World Examples

The Morris Worm (1988) exploited a stack overflow in the Unix fingerd daemon, becoming one of the first major internet worms. The Code Red worm (2001) leveraged a stack overflow in Microsoft IIS (CVE-2001-0500) to compromise hundreds of thousands of web servers, demonstrating the massive scale of automated exploitation.

More recently, EternalBlue exploited stack corruption in Windows SMB (CVE-2017-0144), enabling the WannaCry and NotPetya ransomware outbreaks that caused billions in damage. The Heartbleed bug (CVE-2014-0160), while technically a heap-based read overflow, demonstrated how buffer handling errors remain prevalent even in security-critical software like OpenSSL.

Mitigation

  • Stack canaries (compile with -fstack-protector-all or equivalent) to detect overwrites before return
  • Address Space Layout Randomization (ASLR) to randomize memory locations
  • DEP/NX bit enforcement to prevent code execution from stack memory
  • Memory-safe string functions (use strncpy, snprintf, strlcpy instead of strcpy, sprintf, gets)
  • Compiler hardening flags (-D_FORTIFY_SOURCE=2, control-flow integrity)
  • Input validation with strict bounds checking on all externally-supplied data
  • Memory-safe languages (Rust, Go) for new development to eliminate the vulnerability class entirely
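The sprintf()-into-a-fixed-stack-buffer pattern that recurs in the entries on this page, next to a bounded version that rejects oversized input, as an added example (not code from this page or from any vendor named on it). The function names, the 64-byte buffer size and the `meter=...` format are assumptions chosen for illustration; the last helper shows why strncpy alone is not a fix, since it leaves the buffer unterminated when the source fills it.

```c
#include <stdio.h>
#include <string.h>

#define LINE_LEN 64  /* assumed size of the fixed stack buffer */

enum { FMT_OK = 0, FMT_TOO_LONG = -1, FMT_BAD_ARG = -2 };

/* BEFORE (vulnerable pattern, shown for comparison and never called here):
 * sprintf() does not know how large line[] is, so any `meter` longer than
 * 47 bytes makes it write past the end of the stack buffer. */
void format_meter_unsafe(const char *meter, char *out)
{
    char line[LINE_LEN];
    sprintf(line, "meter=%s;status=ok", meter);  /* unbounded write */
    strcpy(out, line);                           /* second unbounded copy */
}

/* AFTER: snprintf() is told the destination size, and its return value
 * (the length it WANTED to write) is checked so truncation is treated as
 * an error instead of silently passing on a cut-off string. */
int format_meter_safe(const char *meter, char *out, size_t out_len)
{
    int n;

    if (meter == NULL || out == NULL || out_len == 0)
        return FMT_BAD_ARG;

    n = snprintf(out, out_len, "meter=%s;status=ok", meter);
    if (n < 0) {                 /* encoding/output error */
        out[0] = '\0';
        return FMT_BAD_ARG;
    }
    if ((size_t)n >= out_len) {  /* would not fit: reject the input */
        out[0] = '\0';
        return FMT_TOO_LONG;
    }
    return FMT_OK;
}

/* Length-checked copy: refuses input that does not fit, including the NUL. */
int copy_bounded(char *dst, size_t dst_len, const char *src)
{
    size_t n;

    if (dst == NULL || src == NULL || dst_len == 0)
        return FMT_BAD_ARG;
    n = strlen(src);
    if (n >= dst_len)
        return FMT_TOO_LONG;
    memcpy(dst, src, n + 1);     /* n + 1 copies the terminating NUL */
    return FMT_OK;
}

/* strncpy() bounds the write but adds no NUL when src is at least as long
 * as the bound. Returns 1 if the 8-byte buffer ends up unterminated. */
int strncpy_leaves_unterminated(const char *src)
{
    char buf[8];

    memset(buf, 'X', sizeof buf);        /* sentinel fill, no NUL bytes */
    strncpy(buf, src, sizeof buf);
    return memchr(buf, '\0', sizeof buf) == NULL;
}

int main(void)
{
    char out[LINE_LEN];
    char long_id[129];
    int rc;

    /* Constructed oversized input: 128 'A' bytes. */
    memset(long_id, 'A', sizeof long_id - 1);
    long_id[sizeof long_id - 1] = '\0';

    rc = format_meter_safe("A1", out, sizeof out);
    printf("short id      -> rc=%d out=\"%s\"\n", rc, out);

    rc = format_meter_safe(long_id, out, sizeof out);
    printf("128-byte id   -> rc=%d (rejected, nothing written past out[])\n", rc);

    printf("strncpy, 10-byte source into 8-byte buffer: unterminated=%d\n",
           strncpy_leaves_unterminated("ABCDEFGHIJ"));
    printf("copy_bounded, 4-byte source into 4-byte buffer: rc=%d\n",
           copy_bounded(out, 4, "abcd"));
    return 0;
}
```

Building with `-fstack-protector-all` and `-D_FORTIFY_SOURCE=2`, as listed above, adds a runtime abort for the unsafe variant but does not replace the length check.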

Recent CVEs (771)

EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Stack overflow in Torrent 3GP Converter 1.51 via SEH overwrite. PoC available.

Buffer Overflow Stack Overflow
NVD Exploit-DB
EPSS 0% CVSS 7.2
HIGH POC This Week

Stack buffer overflow in Tenda AC9 firmware versions up to 15.03.06.42_multi allows remote attackers to achieve code execution by manipulating scheduled reboot parameters without authentication. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires high privileges but succeeds over the network with minimal complexity.

Buffer Overflow Stack Overflow Ac9 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 7.2
HIGH POC This Week

Stack overflow in Tenda AC9 firmware versions up to 15.03.06.42_multi allows remote attackers with high privileges to achieve complete system compromise through manipulation of the security.ddos.map parameter. Public exploit code exists for this vulnerability, increasing exploitation risk. No patch is currently available.

Buffer Overflow Stack Overflow Ac9 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Stack-based buffer overflow in Tenda RX3 firmware 16.03.13.11 allows remote attackers with low privileges to achieve complete system compromise through manipulation of QoS parameters. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw affects the set_qosMib_list function in the /goform/formSetQosBand endpoint, enabling unauthorized code execution and data theft.

Buffer Overflow Stack Overflow Rx3 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Stack-based buffer overflow in Tenda RX3 firmware 16.03.13.11 allows authenticated remote attackers to achieve full system compromise through improper argument handling in the SetIpMacBind function. Public exploit code exists for this vulnerability, and no patch is currently available. Affected organizations should implement network segmentation and access controls to restrict administrative functionality until remediation is possible.

Buffer Overflow DNS Stack Overflow +1
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Stack-based buffer overflow in Tenda RX3 firmware 16.03.13.11 MAC filtering endpoint allows authenticated remote attackers to achieve code execution through crafted device name or MAC address parameters. Public exploit code exists for this vulnerability and no patch is currently available. The flaw affects the /goform/setBlackRule component with high impact on confidentiality, integrity, and availability.

Buffer Overflow Stack Overflow Rx3 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Remote code execution in Tenda RX3 firmware versions up to 16.03.13.11 via stack-based buffer overflow in the /goform/openSchedWifi endpoint allows unauthenticated attackers to execute arbitrary code by manipulating the schedStartTime and schedEndTime parameters. Public exploit code exists and no patch is currently available. This vulnerability affects network devices and poses an immediate risk to deployed systems.

Buffer Overflow Stack Overflow Rx3 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Stack-based buffer overflow in Tenda RX3 firmware 16.03.13.11 allows unauthenticated remote attackers to achieve code execution by sending a malicious SSID value to the /goform/fast_setting_wifi_set endpoint. Public exploit code exists for this vulnerability and no patch is currently available. An attacker can exploit this to gain complete system compromise with high integrity and availability impact.

Buffer Overflow Stack Overflow Rx3 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Wedding Slideshow Studio 1.36 has a second buffer overflow in the registration key input enabling code execution.

Buffer Overflow Stack Overflow Wedding Slideshow Studio
NVD Exploit-DB
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

IP-COM W30AP wireless access point up to firmware 1.0.0.11 has a buffer overflow that allows remote attackers to execute code or crash the device.

Buffer Overflow Stack Overflow W30ap Firmware
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Buffer overflow in 10-Strike Network Inventory Explorer 9.03 file import functionality allows attackers to execute arbitrary code via crafted import files. PoC available.

Buffer Overflow Stack Overflow
NVD Exploit-DB
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Stack overflow in Free Desktop Clock 3.0 triggered by crafted Time Zones display name input allows attackers to execute arbitrary code. PoC available.

Stack Overflow
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH This Week

Autodesk 3ds Max is vulnerable to arbitrary code execution when processing maliciously crafted GIF files due to a stack-based buffer overflow (CVE-2026-0536, CVSS 7.8). Local attackers can exploit this vulnerability by tricking users into opening a malicious GIF file to execute code with the privileges of the 3ds Max process. No patch is currently available.

Buffer Overflow Stack Overflow 3ds Max
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Autodesk 3ds Max via malicious GIF file parsing exploits a stack-based buffer overflow vulnerability, allowing local attackers to execute code with the privileges of the application. The vulnerability requires user interaction to open a crafted GIF file and currently has no available patch. This affects 3ds Max users who may unknowingly process untrusted image files.

Buffer Overflow Stack Overflow 3ds Max
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

GoldWave 5.70 audio editor has a buffer overflow enabling code execution through crafted audio files.

Buffer Overflow Stack Overflow
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

Arbitrary code execution in iccDEV versions prior to 2.3.1.2 via stack-based buffer overflow in the icFixXml() function when parsing malformed ICC color profiles with crafted NamedColor2 tags. Local attackers with user interaction can exploit this vulnerability to execute arbitrary code with high impact on confidentiality, integrity, and availability. Public exploit code exists and a patch is available in version 2.3.1.2 and later.

Buffer Overflow Stack Overflow Iccdev
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

TOTOLINK A950RG has a stack-based buffer overflow in a second endpoint, providing an additional RCE vector through the router's CGI interface.

Buffer Overflow Stack Overflow A950rg Firmware +1
NVD GitHub
EPSS 0% CVSS 9.3
CRITICAL Act Now

ELECOM wireless LAN access point devices have a stack-based buffer overflow that allows remote attackers to execute code or crash the device via crafted packets.

RCE Buffer Overflow Stack Overflow
NVD
EPSS 1% CVSS 8.6
HIGH PATCH This Week

Libsoup's multipart HTTP response parser contains a stack buffer overflow stemming from faulty length validation, enabling remote attackers to trigger memory corruption and potentially execute arbitrary code without authentication. Applications using libsoup to process untrusted server responses face crash or code execution risks. No patch is currently available.

Buffer Overflow Denial Of Service Memory Corruption +3
NVD
EPSS 0% CVSS 8.4
HIGH POC This Week

Socusoft Photo to Video Converter Professional 8.07 contains a local buffer overflow vulnerability in the 'Output Folder' input field that allows attackers to execute arbitrary code. [CVSS 8.4 HIGH]

Buffer Overflow Stack Overflow
NVD Exploit-DB
EPSS 0% CVSS 8.4
HIGH POC This Week

Nidesoft DVD Ripper 5.2.18 contains a local buffer overflow vulnerability in the License Code registration parameter that allows attackers to execute arbitrary code. [CVSS 8.4 HIGH]

Buffer Overflow Stack Overflow
NVD Exploit-DB
EPSS 0% CVSS 8.8
HIGH This Week

Tenda AC21 firmware versions up to 16.03.08.16 contain a stack-based buffer overflow in the /goform/AdvSetMacMtuWan endpoint that can be exploited remotely by authenticated attackers to achieve arbitrary code execution. Public exploit code exists for this vulnerability, and no patch is currently available. The high CVSS score (8.8) reflects the severity of this flaw affecting device confidentiality, integrity, and availability.

Buffer Overflow Stack Overflow Ac21 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH POC This Week

A stack overflow in the mk_http_index_lookup function (mk_server/mk_http.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server. [CVSS 7.5 HIGH]

Denial Of Service Stack Overflow Monkey
NVD GitHub
EPSS 0%
This Week

Johnson Controls iSTAR Configuration Utility (ICU) has Stack-based Buffer Overflow vulnerability. This issue affects iSTAR Configuration Utility (ICU) version 6.9.7 and prior.

Buffer Overflow Stack Overflow
NVD
EPSS 0% CVSS 8.4
HIGH POC PATCH This Week

Stack-based buffer overflow in GnuPG's tpm2daemon component allows local attackers to achieve full system compromise through specially crafted PKDECRYPT commands targeting TPM-backed RSA and ECC keys. Public exploit code exists for this vulnerability, which affects GnuPG versions before 2.5.17 and impacts users of GnuPG, Gpg4win, and Stack Overflow integrations. No patch is currently available, leaving systems vulnerable to local privilege escalation and arbitrary code execution.

Buffer Overflow Stack Overflow Red Hat +3
NVD
EPSS 0% CVSS 8.1
HIGH POC PATCH This Week

GnuPG's gpg-agent fails to properly validate session key sizes in S/MIME messages, allowing remote attackers to trigger a stack buffer overflow via oversized CMS EnvelopedData payloads. Public exploit code exists for this vulnerability, which affects GnuPG versions before 2.5.17 and can be weaponized for denial of service or potentially remote code execution. No patch is currently available.

RCE Buffer Overflow Denial Of Service +6
NVD
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Suricata versions prior to 8.0.3 and 7.0.14 are vulnerable to a stack buffer overflow when processing oversized datasets with the save or state options enabled, allowing an attacker with network access to cause a denial of service. The vulnerability requires specific conditions to trigger but does not require authentication or user interaction. A patch is available in the latest versions.

Stack Overflow Red Hat Suricata +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Suricata versions 8.0.0 through 8.0.2 are susceptible to a stack overflow crash when processing network traffic with improperly configured body size limits. An unauthenticated remote attacker can trigger a denial of service by sending crafted requests that exceed the application's stack capacity. A patch is available in version 8.0.3, or administrators can apply the workaround of using default values for request-body-limit and response-body-limit configurations.

Denial Of Service Stack Overflow Suricata +1
NVD GitHub
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

xrdp open-source RDP server before v0.10.5 has an unauthenticated stack buffer overflow enabling remote code execution.

Buffer Overflow Stack Overflow Debian Linux +2
NVD GitHub
EPSS 0% CVSS 4.2
MEDIUM This Month

The function _ux_host_class_storage_media_mount() is responsible for mounting partitions on a USB mass storage device. When it encounters an extended partition entry in the partition table, it recursively calls itself to mount the next logical partition. [CVSS 4.2 MEDIUM]

Buffer Overflow Stack Overflow
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

ASDA-Soft Stack-based Buffer Overflow Vulnerability [CVSS 7.8 HIGH]

Buffer Overflow Stack Overflow Asda Soft
NVD
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. [CVSS 4.0 MEDIUM]

Privilege Escalation RCE Buffer Overflow +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Stack overflow vulnerability in eslint before 9.26.0 when serializing objects with circular references in eslint/lib/shared/serialization.js. The exploit is triggered via the RuleTester.run() method, which validates test cases and checks for duplicates. [CVSS 5.5 MEDIUM]

Stack Overflow Red Hat Eslint
NVD GitHub
EPSS 0% CVSS 5.6
MEDIUM This Month

Stack-based buffer overflow in pymumu SmartDNS versions up to 47.1 within the SVBC Record Parser component allows remote attackers to cause information disclosure and limited integrity/availability impact through specially crafted DNS SVCB/HTTPS records. Exploitation requires high complexity and specific conditions, making practical attacks difficult. No patch is currently available.

Buffer Overflow Stack Overflow
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

ALGO 8180 has a stack-based buffer overflow in SIP INVITE Alert-Info header processing, enabling remote code execution through the VoIP protocol.

RCE Buffer Overflow Golang +2
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

ALGO 8180 has a stack-based buffer overflow in SIP INVITE Replaces header processing enabling remote code execution through crafted VoIP calls.

RCE Buffer Overflow Golang +2
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Tenda AX3 firmware has another stack-based buffer overflow in formGetIptv through a different input path, enabling remote code execution.

RCE Buffer Overflow Memory Corruption +3
NVD
EPSS 0% CVSS 8.8
HIGH POC This Week

Stack-based buffer overflow in Tenda AX1803 firmware version 1.0.0.1 allows unauthenticated remote attackers to execute arbitrary code by manipulating guest network parameters in the /goform/WifiGuestSet function. Public exploit code exists for this vulnerability, and no patch is currently available. This affects devices running the vulnerable firmware with network-accessible management interfaces.

Buffer Overflow Stack Overflow Ax1803 Firmware
NVD VulDB
EPSS 0%
This Week

ArduinoCore-avr contains the source code and configuration files of the Arduino AVR Boards platform. A vulnerability in versions prior to 1.8.7 allows an attacker to trigger a stack-based buffer overflow when converting floating-point values to strings with high precision. By passing very large `decimalPlaces` values to the affected String constructors or concat methods, the `dtostrf` function writes beyond fixed-size stack buffers, causing memory corruption and denial of service. Under speci...

RCE Buffer Overflow Denial Of Service +3
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Tenda AX3 firmware has a third stack-based buffer overflow in formGetIptv, allowing unauthenticated remote code execution through the router's web interface.

RCE Buffer Overflow Memory Corruption +3
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Tenda AX3 firmware has a second stack overflow in formSetIptv via the vlanId parameter, allowing remote code execution through the IPTV configuration endpoint.

RCE Memory Corruption Stack Overflow +2
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Tenda AX3 firmware v16.03.12.11 has a stack overflow in formSetIptv via the list parameter, enabling remote attackers to crash the router or execute arbitrary code.

RCE Memory Corruption Stack Overflow +2
NVD
EPSS 0% CVSS 7.5
HIGH POC This Week

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow in the security_5g parameter of the sub_727F4 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. [CVSS 7.5 HIGH]

Denial Of Service Stack Overflow Tenda +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow in the security parameter of the sub_72290 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. [CVSS 7.5 HIGH]

Denial Of Service Stack Overflow Tenda +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the time parameter of the sub_60CFC function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. [CVSS 7.5 HIGH]

Denial Of Service Stack Overflow Tenda +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow in the ssid parameter of the form_fast_setting_wifi_set function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. [CVSS 7.5 HIGH]

Denial Of Service Stack Overflow Tenda +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the deviceList parameter of the formSetMacFilterCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. [CVSS 7.5 HIGH]

Denial Of Service Stack Overflow Tenda +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the deviceList parameter of the formSetWifiMacFilterCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. [CVSS 7.5 HIGH]

Denial Of Service Stack Overflow Tenda +1
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM POC PATCH This Month

ImageMagick versions up to 7.1.2-13 are affected by a loop with an unreachable exit condition (infinite loop) (CVSS 5.5).

Stack Overflow Red Hat Imagemagick +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the security parameter of the sub_4C408 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. [CVSS 7.5 HIGH]

Denial Of Service Stack Overflow Tenda +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the timeZone parameter of the fromSetSysTime function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. [CVSS 7.5 HIGH]

Denial Of Service Stack Overflow Tenda +1
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM This Month

Denial-of-service in Juniper Junos OS Packet Forwarding Engine allows authenticated attackers to crash Forwarding Processor Cards by subscribing to telemetry sensors at scale, forcing service restarts and network disruption. The vulnerability affects Junos versions before 22.4R3-S7, 23.2R2-S4, and 23.4R2, with no patch currently available. Installation of specific YANG sensor packages mitigates the issue.

Buffer Overflow Denial Of Service Stack Overflow +2
NVD
EPSS 0% CVSS 7.5
HIGH POC This Week

A stack overflow in the dump_ttxt_sample function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted packet. [CVSS 7.5 HIGH]

Denial Of Service Stack Overflow Gpac
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the mac parameter of the sub_65B5C function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. [CVSS 7.5 HIGH]

Denial Of Service Stack Overflow Tenda +1
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

A stack overflow in the pcmreframe_flush_packet function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted WAV file. [CVSS 5.5 MEDIUM]

Denial Of Service Stack Overflow Gpac
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

A stack overflow in the dmx_saf function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted .saf file. [CVSS 5.5 MEDIUM]

Denial Of Service Stack Overflow Gpac
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the wanSpeed parameter of the sub_65B5C function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. [CVSS 7.5 HIGH]

Denial Of Service Stack Overflow Tenda +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the cloneType parameter of the sub_65B5C function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. [CVSS 7.5 HIGH]

Denial Of Service Stack Overflow Tenda +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the serverName parameter of the sub_65A28 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. [CVSS 7.5 HIGH]

Denial Of Service Stack Overflow Tenda +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the serviceName parameter of the sub_65A28 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. [CVSS 7.5 HIGH]

Denial Of Service Stack Overflow Tenda +1
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Inbit Messenger 4.6.0-4.9.0 has a second stack buffer overflow in the network handler. SEH overwrite leads to shellcode execution on Windows. PoC available.

Windows Buffer Overflow Stack Overflow +1
NVD GitHub Exploit-DB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Inbit Messenger 4.6.0-4.9.0 has unauthenticated RCE through a stack overflow in the XML protocol on port 10883. PoC available.

Stack Overflow Inbit Messenger
NVD GitHub Exploit-DB
EPSS 0% CVSS 7.2
HIGH This Week

A stack overflow vulnerability exists in the AOS-10 web-based management interface of a Mobility Gateway. Successful exploitation could allow an authenticated malicious actor to execute arbitrary code as a privileged user on the underlying operating system. [CVSS 7.2 HIGH]

Stack Overflow Arubaos
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local privilege escalation in Azure Connected Machine Agent exploits a stack-based buffer overflow, enabling authenticated users to gain elevated system privileges. The vulnerability affects Azure and Stack Overflow deployments and requires local access with valid credentials to exploit. No patch is currently available for this high-severity issue.

Buffer Overflow Stack Overflow Azure +1
NVD
EPSS 0% CVSS 7.5
HIGH POC This Week

Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow in the wanMTU2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. [CVSS 7.5 HIGH]

Denial Of Service Stack Overflow Tenda +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow in the wanSpeed2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. [CVSS 7.5 HIGH]

Denial Of Service Stack Overflow Tenda +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow in the cloneType2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. [CVSS 7.5 HIGH]

Denial Of Service Stack Overflow Tenda +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow in the serviceName2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. [CVSS 7.5 HIGH]

Denial Of Service Stack Overflow Tenda +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow in the mac2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. [CVSS 7.5 HIGH]

Denial Of Service Stack Overflow Tenda +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the security_5g parameter of the sub_4CA50 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. [CVSS 7.5 HIGH]

Denial Of Service Stack Overflow Tenda +1
NVD GitHub
EPSS 0% CVSS 8.8
HIGH This Week

There is a stack overflow vulnerability in the device Search and Discovery feature of Hikvision NVR/DVR/CVR/IPC models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device. [CVSS 8.8 HIGH]

Stack Overflow Hikvision
NVD
EPSS 0% CVSS 8.8
HIGH This Week

There is a stack overflow vulnerability in the device Search and Discovery feature of Hikvision Access Control Products. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device. [CVSS 8.8 HIGH]

Buffer Overflow Stack Overflow Hikvision +28
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

RIOT OS ethos utility has a stack buffer overflow in _handle_char() due to missing bounds checking on serial frame data. Incoming frame bytes overflow a fixed-size stack buffer.

Buffer Overflow Denial Of Service Memory Corruption +3
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

RIOT OS (IoT operating system) tapslip6 utility has a stack buffer overflow due to unbounded strcpy/strcat with user-controlled device name input. PoC available.

Buffer Overflow Denial Of Service Memory Corruption +3
NVD GitHub
EPSS 0%
This Week

TinyOS versions up to and including 2.1.2 contain a stack-based buffer overflow vulnerability in the mcp2200gpio utility. The vulnerability is caused by unsafe use of strcpy() and strcat() functions when constructing device paths during automatic device discovery.

Buffer Overflow Denial Of Service Memory Corruption +1
NVD GitHub
EPSS 0% CVSS 7.6
HIGH PATCH This Week

A flaw was found in GNU Wget2. This vulnerability, a stack-based buffer overflow, occurs in the filename sanitization logic when processing attacker-controlled URL paths, particularly when filename restriction options are active. [CVSS 7.6 HIGH]

Buffer Overflow Denial Of Service Memory Corruption +4
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1_expend_octet_string. [CVSS 7.5 HIGH]

Buffer Overflow Stack Overflow Red Hat +2
NVD VulDB
EPSS 0% CVSS 6.9
MEDIUM POC This Month

Panda3D egg-mkfont (through 1.10.16) has a stack buffer overflow via an unbounded sprintf() with attacker-controlled glyph pattern input. PoC available.

RCE Buffer Overflow Stack Overflow
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC PATCH This Month

Local denial of service in iccDEV versions prior to 2.3.1.2 stems from a stack overflow in the calculator parser component, allowing unauthenticated users to crash the application through crafted input. Public exploit code exists for this vulnerability, which affects Stack Overflow and Iccdev products. A patch is available in version 2.3.1.2 and should be applied immediately.

Stack Overflow Iccdev
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM POC PATCH This Month

iccDEV versions prior to 2.3.1.2 are vulnerable to stack overflow through malformed XML calculator macro expansion, allowing local attackers to trigger a denial of service condition. Public exploit code exists for this vulnerability, which affects ICC color profile manipulation tools used in Stack Overflow and Iccdev products. A patch is available in version 2.3.1.2 and should be applied promptly to mitigate exploitation risk.

Stack Overflow Iccdev
NVD GitHub
EPSS 0% CVSS 8.7
HIGH This Week

Stack-based buffer overflow in the ONVIF SOAP XML parser of TP-Link Tapo C200 v3 (firmware ≤1.4.1) and C520WS v2.6 cameras enables unauthenticated remote code execution from adjacent networks. Attackers can send crafted SOAP requests with oversized namespace prefixes to trigger memory corruption and achieve full device compromise with elevated privileges. EPSS probability and KEV status indicate no public exploit identified at time of analysis, though the vulnerability affects widely deployed consumer IoT cameras with network exposure.

RCE Buffer Overflow Stack Overflow
NVD
EPSS 0% CVSS 6.5
MEDIUM POC This Month

Tenda AX3 v16.03.12.11 contains a stack overflow in formSetIptv via the iptvType parameter, which can cause memory corruption and enable remote code execution (RCE).

RCE Buffer Overflow Stack Overflow +2
NVD
EPSS 0% CVSS 7.2
HIGH This Week

A stack-based buffer overflow vulnerability [CWE-121] in WatchGuard Fireware OS's certificate request command could allow an authenticated privileged user to execute arbitrary code via specially crafted CLI commands. This issue affects Fireware OS: from 12.0 through 12.5.12+701324, from 12.6 through 12.11.2.

RCE Buffer Overflow Stack Overflow +1
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'SetUserPassword()' function, the 'newPassword' parameter is directly embedded in a shell command string using 'sprintf()' without any sanitisation or validation, and then executed using 'system()'. This allows an attacker to inject arbitrary shell commands that will be executed with the same privileges as the application.

Buffer Overflow Stack Overflow Sge Plc1000 Firmware +1
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowMeterPasswords()' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf()'. The 'GetParameter(meter)' function retrieves the user input, which is directly incorporated into a buffer without size validation. An attacker can provide an excessively large input for the 'meter' parameter.

Buffer Overflow Stack Overflow Sge Plc1000 Firmware +1
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowMeterDatabase()' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf()'. The 'GetParameter(meter)' function retrieves the user input, which is directly incorporated into a buffer without size validation. An attacker can provide an excessively large input for the 'meter' parameter.

Buffer Overflow Stack Overflow Sge Plc1000 Firmware +1
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The vulnerability is found in the 'AddEvent()' function when copying the user-controlled username input to a fixed-size buffer (48 bytes) without boundary checking. This can lead to memory corruption, resulting in possible remote code execution.

RCE Buffer Overflow Stack Overflow +2
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'ShowDownload()' function uses 'sprintf()' to format a string that includes the user-controlled input of 'GetParameter(meter)' in the fixed-size buffer 'acStack_4c' (64 bytes) without checking the length. An attacker can provide an excessively long value for the 'meter' parameter that exceeds the 64-byte buffer size.

Buffer Overflow Stack Overflow Sge Plc1000 Firmware +1
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'SetLan' function is invoked when a new configuration is applied. This new configuration function is activated by a management web request, which can be invoked by a user when making changes to the 'index.cgi' web application. The parameters are not being sanitised, which could lead to command injection.

Buffer Overflow Command Injection Stack Overflow +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4804.

Privilege Escalation Buffer Overflow Google +2
NVD

Quick Facts

Typical Severity: HIGH
Category: memory
Total CVEs: 771
