Lucene search
IcscertCVE-2022-1405HistoryAug 31, 2022 - 4:15 p.m.
CVE-2022-1405
2022-08-3116:15:09
CWE-121
icscert
web.nvd.nist.gov
30
6
cncsoft
cve-2022-1405
buffer overflow
nvd
software security
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
7.7
Confidence
High
EPSS
0.001
Percentile
42.6%
CNCSoft: All versions prior to 1.01.32 does not properly sanitize input while processing a specific project file, allowing a possible stack-based buffer overflow condition.
Affected configurations
Node
deltawwcncsoftRange<1.01.32
CNA Affected
[
{
"product": "CNCSoft",
"vendor": "Delta Electronics",
"versions": [
{
"lessThan": "1.01.32",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
}
]Social References
More
Related
nvd
nvd
CVE-2022-1405
2022-08-31 16:15:09
prion
prion
Stack overflow
2022-08-31 16:15:00
cvelist
cvelist
CVE-2022-1405 Delta Electronics CNCSoft Stack-based Buffer Overflow
2022-08-31 15:33:03
ics
ics
Delta Electronics CNCSoft
2022-05-12 12:00:00
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
7.7
Confidence
High
EPSS
0.001
Percentile
42.6%
Related for CVE-2022-1405