← Back to CVEs
CVE-2020-27281
HIGH7.8
Description
A stack-based buffer overflow may exist in Delta Electronics CNCSoft ScreenEditor versions 1.01.26 and prior when processing specially crafted project files, which may allow an attacker to execute arbitrary code.
CVE Details
CVSS v3.1 Score7.8
SeverityHIGH
CVSS VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack VectorLOCAL
ComplexityLOW
Privileges RequiredNONE
User InteractionREQUIRED
Published1/11/2021
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
deltaww:cncsoft_screeneditor
Weaknesses (CWE)
CWE-121CWE-787
References
https://us-cert.cisa.gov/ics/advisories/icsa-21-005-06(ics-cert@hq.dhs.gov)
https://www.zerodayinitiative.com/advisories/ZDI-21-039/(ics-cert@hq.dhs.gov)
https://us-cert.cisa.gov/ics/advisories/icsa-21-005-06(af854a3a-2127-422b-91ae-364da2661108)
https://www.zerodayinitiative.com/advisories/ZDI-21-039/(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.