Vulnerabilities > CVE-2021-23138 - Out-of-bounds Write vulnerability in We-Con Levistudiou

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

we-con

CWE-787

NVD

Published: 2022-01-14

Updated: 2022-02-09

Summary

WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code.

Vulnerable Configurations

Part	Description	Count
Application	We-Con WE CON Levistudiou - WE CON Levistudiou 1.8.29 WE CON Levistudiou 1.8.44 WE CON Levistudiou 1.8.56 WE CON Levistudiou 1.8.69 WE CON Levistudiou 2019-09-21	6

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-03
https://www.zerodayinitiative.com/advisories/ZDI-22-129/
https://www.zerodayinitiative.com/advisories/ZDI-22-141/
https://www.zerodayinitiative.com/advisories/ZDI-22-131/
https://www.zerodayinitiative.com/advisories/ZDI-22-142/
https://www.zerodayinitiative.com/advisories/ZDI-22-140/
https://www.zerodayinitiative.com/advisories/ZDI-22-134/
https://www.zerodayinitiative.com/advisories/ZDI-22-135/
https://www.zerodayinitiative.com/advisories/ZDI-22-133/
https://www.zerodayinitiative.com/advisories/ZDI-22-138/
https://www.zerodayinitiative.com/advisories/ZDI-22-139/
https://www.zerodayinitiative.com/advisories/ZDI-22-136/
https://www.zerodayinitiative.com/advisories/ZDI-22-137/