CVE-2020-27281

Published Jan 11, 2021

Last updated 3 months ago

Overview

Description
A stack-based buffer overflow may exist in Delta Electronics CNCSoft ScreenEditor versions 1.01.26 and prior when processing specially crafted project files, which may allow an attacker to execute arbitrary code.
Source
ics-cert@hq.dhs.gov
NVD status
Modified

Risk scores

CVSS 3.1

Type
Primary
Base score
7.8
Impact score
5.9
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Severity
HIGH

CVSS 2.0

Type
Primary
Base score
6.8
Impact score
6.4
Exploitability score
8.6
Vector string
AV:N/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

ics-cert@hq.dhs.gov
CWE-121
nvd@nist.gov
CWE-787

Social media

Hype score
Not currently trending

Configurations