PT-2023-4364 · GE Digital · GE Digital CIMPLICITY
Michael Heinzl · Published 2023-07-18 · Updated 2023-07-28 · CVE-2023-3463
CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
GE Digital CIMPLICITY versions (affected versions not specified)
Description
The issue is memory corruption caused by insufficient input validation, including out-of-bounds reads and writes, use-after-free, stack-based buffer overflows, uninitialized pointers, and a heap-based buffer overflow. Successful exploitation could allow an attacker to execute arbitrary code. The vulnerability involves the possibility of writing beyond the bounds of a buffer in memory, which a remote attacker can exploit to execute arbitrary code by loading a malicious file.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Heap-Based Buffer Overflow
Memory Corruption
Related Identifiers
Affected Products
GE Digital CIMPLICITY