Vulnerabilities > CVE-2021-43983 - Out-of-bounds Write vulnerability in We-Con Levistudiou

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

we-con

CWE-787

NVD

Published: 2021-12-13

Updated: 2022-02-28

Summary

WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to multiple stack-based buffer overflow instances while parsing project files, which may allow an attacker to execute arbitrary code.

Vulnerable Configurations

Part	Description	Count
Application	We-Con WE CON Levistudiou - WE CON Levistudiou 1.8.29 WE CON Levistudiou 1.8.44 WE CON Levistudiou 1.8.56 WE CON Levistudiou 1.8.69 WE CON Levistudiou 2019-09-21	6

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.cisa.gov/uscert/ics/advisories/icsa-21-343-02
https://www.zerodayinitiative.com/advisories/ZDI-22-043/
https://www.zerodayinitiative.com/advisories/ZDI-22-042/
https://www.zerodayinitiative.com/advisories/ZDI-22-041/
https://www.zerodayinitiative.com/advisories/ZDI-22-040/
https://www.zerodayinitiative.com/advisories/ZDI-22-036/
https://www.zerodayinitiative.com/advisories/ZDI-22-047/
https://www.zerodayinitiative.com/advisories/ZDI-22-046/
https://www.zerodayinitiative.com/advisories/ZDI-22-035/
https://www.zerodayinitiative.com/advisories/ZDI-22-034/
https://www.zerodayinitiative.com/advisories/ZDI-22-045/
https://www.zerodayinitiative.com/advisories/ZDI-22-044/
https://www.zerodayinitiative.com/advisories/ZDI-22-039/
https://www.zerodayinitiative.com/advisories/ZDI-22-038/
https://www.zerodayinitiative.com/advisories/ZDI-22-037/