Overview
- Description
- Stack-based buffer overflow in the PmBase64Decode function in an unspecified demonstration application in MICROSYS PROMOTIC stable before 8.2.19 and PROMOTIC development before 8.3.2 allows remote attackers to execute arbitrary code by providing a large amount of data.
- Source
- ics-cert@hq.dhs.gov
- NVD status
- Analyzed
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-119
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsys:promotic:*:*:*:*:stable:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DFBDE7CA-2C10-41F0-B3CE-E91BF17E1675",
"versionEndIncluding": "8.2.18"
},
{
"criteria": "cpe:2.3:a:microsys:promotic:*:*:*:*:development:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E116CC94-63C1-4DD7-A8CA-282CA2A2EF29",
"versionEndIncluding": "8.3.1"
}
],
"operator": "OR"
}
]
}
]