PT-2021-14829 · Unknown · Ic Module Cma

Matt Wiseman · Published 2021-12-22 · Updated 2022-08-31 · CVE-2021-21903

CVSS v2.0

10 (Critical)

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

iC Module CMA version 5.0

Description

A stack-based buffer overflow issue exists in the CMA check udp crc function. This can be triggered by a specially-crafted packet, leading to a buffer overflow during a call to strcpy. An attacker can exploit this by sending a malicious packet.

Recommendations

For version 5.0, consider disabling the check udp crc function as a temporary workaround until a patch is available. Restrict access to the vulnerable function to minimize the risk of exploitation. Avoid using the strcpy function in the affected area until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Memory Corruption

Weakness Enumeration

Related Identifiers

CVE-2021-21903

Affected Products

Ic Module Cma