Delta Electronics DIAScreen - Type Confusion, Out-of-bounds Write
CVE-2021-32965
7.8HIGH
Summary
Delta Electronics DIAScreen versions prior to 1.1.0 are vulnerable to type confusion, which may allow an attacker to remotely execute arbitrary code.
Affected Version(s)
DIAScreen All
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Kimiya, working with Trend Micro’s Zero Day Initiative, reported this vulnerability to CISA.