History: May 05, 2022 - 3:25 p.m.

CVE-2021-38427 RTI Connext DDS Professional and Connext DDS Secure Stack-based Buffer Overflow

2022-05-05 15:25:21
CWE-121
icscert
www.cve.org
cve-2021-38427
stack-based buffer overflow
local attacker
arbitrary code execution

CVSS3: 6.6

Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

EPSS: 0
Percentile: 0.4%

RTI Connext DDS Professional and Connext DDS Secure Versions 4.2.x to 6.1.0 are vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code.

CNA Affected

[
  {
    "product": "Connext DDS Professional",
    "vendor": "RTI",
    "versions": [
      {
        "lessThanOrEqual": "6.1.0",
        "status": "affected",
        "version": "4.2x",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Connext DDS Secure",
    "vendor": "RTI",
    "versions": [
      {
        "lessThanOrEqual": "6.1.0",
        "status": "affected",
        "version": "4.2x",
        "versionType": "custom"
      }
    ]
  }
]
