PT-2021-20017 · Delta Electronics · Tpeditor

Kimiya

Published

2021-08-26

Updated

2021-09-03

CVE-2021-33007

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Delta Electronics TPEditor versions 1.98.06 and prior

Description A heap-based buffer overflow may be exploited by processing a specially crafted project file, potentially allowing an attacker to execute arbitrary code.

Recommendations For versions 1.98.06 and prior, avoid processing untrusted project files until a patch is available. As a temporary workaround, consider restricting access to the file parsing functionality to minimize the risk of exploitation.

Fix

Heap Based Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-122

Related Identifiers

CVE-2021-33007

ZDI-21-1023

Affected Products

Tpeditor

PT-2021-20017 · Delta Electronics · Tpeditor

CVE-2021-33007

Weakness Enumeration

Related Identifiers

Affected Products

References · 5