Arbitrary Code Execution Vulnerability in Binary Ninja by Vector 35
CVE-2021-31516

7.8HIGH

Key Information:

Vendor: Vector 35
Status: Binary Ninja
Vendor: CVE Published:; 29 June 2021

What is CVE-2021-31516?

An arbitrary code execution vulnerability has been identified in Vector 35's Binary Ninja, specifically within version 2.3.2660 (Build ID 88f343c3). This security flaw arises from the improper validation of object existence during the parsing of BNDB files. As a result, remote attackers could execute arbitrary code in the context of the current process if the victim opens a malicious file or visits a malicious webpage. Awareness and timely updates are critical to mitigating this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Binary Ninja 2.3.2660 (Build ID 88f343c3)

References

https://binary.ninja/2021/06/03/2.4-release.html#security...

x_refsource_MISC

https://www.zerodayinitiative.com/advisories/ZDI-21-677/

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jun 29, 2021
Vulnerability Reserved
Apr 16, 2021

Credit

Mat Powell of Trend Micro Zero Day Initiative

JSON

Vector 35

What is CVE-2021-31516?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.