PT-2021-2784 · Delta Industrial Automation · Commgr

Peter Cheng

Published

2021-04-21

Updated

2021-05-07

CVE-2021-27480

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Delta Industrial Automation COMMGR versions 1.12 and prior

Description The issue is related to a stack-based buffer overflow in the Delta Industrial Automation COMMGR software. This could allow a remote attacker to impact the confidentiality, integrity, and availability of protected information. The exploitation of this issue may enable an attacker to execute remote code.

Recommendations For versions 1.12 and prior, update to a version that fixes the stack-based buffer overflow issue to prevent potential remote code execution. As a temporary workaround, consider restricting access to the COMMGR software until a patch is available.

Fix

Stack Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-121

Related Identifiers

BDU:2021-02327

CVE-2021-27480

Affected Products

Commgr

PT-2021-2784 · Delta Industrial Automation · Commgr

CVE-2021-27480

Weakness Enumeration

Related Identifiers

Affected Products

References · 9