Vulnerabilities > CVE-2022-41415 - Out-of-bounds Write vulnerability in Acer Altos W2000H-W570H F4 Firmware R01.03.0018

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

acer

CWE-787

critical

NVD

Published: 2022-10-19

Updated: 2022-10-20

Summary

Acer Altos W2000h-W570h F4 R01.03.0018 was discovered to contain a stack overflow in the RevserveMem component. This vulnerability allows attackers to cause a Denial of Service (DoS) via injecting crafted shellcode into the NVRAM variable.

Vulnerable Configurations

Part	Description	Count
OS	Acer Acer Altos W2000H W570H F4 Firmware R01.03.0018	1
Hardware	Acer Acer Altos W2000H W570H F4 -	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://github.com/10TG/vulnerabilities/blob/main/Acer/CVE-2022-41415/CVE-2022-41415.md
http://altos.com
http://acer.com