CVE-2022-32527

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions IGSS Data Server - IGSSdataServer.exe versions prior to V15.0.0.22170

Description A buffer copy without checking the size of input vulnerability exists, potentially leading to a stack-based buffer overflow and remote code execution when an attacker sends specially crafted alarm cache data messages.

Recommendations For versions prior to V15.0.0.22170, update to version V15.0.0.22170 or later to resolve the issue. As a temporary workaround, consider restricting access to the alarm cache data messages to minimize the risk of exploitation.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-120

Related Identifiers

BDU:2022-03862

CVE-2022-32527

Affected Products

Igss Data Server

CVE-2022-32527

Weakness Enumeration

Related Identifiers

Affected Products

References · 9