Stack-Based Buffer Overflow in Delta Industrial Automation COMMGR
CVE-2021-27480

9.8CRITICAL

Key Information:

Vendor: Deltaww
Status: Delta Industrial Automation Commgr
Vendor: CVE Published:; 27 April 2021

What is CVE-2021-27480?

Delta Industrial Automation's COMMGR, specifically versions 1.12 and earlier, is susceptible to a stack-based buffer overflow. This vulnerability can be exploited by an attacker with the potential to execute arbitrary code remotely, posing significant security risks for systems utilizing this software. The vulnerability emerges from inadequate validation of input data, which can result in overwriting memory and ultimately lead to unauthorized actions within the affected system.

Affected Version(s)

Delta Industrial Automation COMMGR COMMGR: Version 1.12 and prior

References

https://us-cert.cisa.gov/ics/advisories/icsa-21-110-03

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 27, 2021
Vulnerability Reserved
Feb 19, 2021

CVE-2021-27480 Data

JSON

Deltaww

What is CVE-2021-27480?

Affected Version(s)

References

CVSS V3.1

Timeline