PT-2024-29634 · Delta Electronics · Cncsoft-G2

Natnael Samson

Published

2024-04-30

Updated

2024-06-12

CVE-2024-4192

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Delta Electronics CNCSoft-G2 (affected versions not specified)

Description The issue is related to a lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. This allows an attacker to execute code in the context of the current process.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Stack Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-121

Related Identifiers

CVE-2024-4192

ZDI-24-620

ZDI-24-621

ZDI-24-622

ZDI-24-623

ZDI-24-624

ZDI-24-625

ZDI-24-626

ZDI-24-627

ZDI-24-628

ZDI-24-629

ZDI-24-630

ZDI-24-631

ZDI-24-632

ZDI-24-633

ZDI-24-634

ZDI-24-635

ZDI-24-636

ZDI-24-637

ZDI-24-638

ZDI-24-639

ZDI-24-640

ZDI-24-641

ZDI-24-642

ZDI-24-643

ZDI-24-644

ZDI-24-645

ZDI-24-646

ZDI-24-647

ZDI-24-648

ZDI-24-649

ZDI-24-650

ZDI-24-651

ZDI-24-652

ZDI-24-653

ZDI-24-654

ZDI-24-655

ZDI-24-656

ZDI-24-657

ZDI-24-658

ZDI-24-659

ZDI-24-660

ZDI-24-661

ZDI-24-662

ZDI-24-663

Affected Products

Cncsoft-G2

PT-2024-29634 · Delta Electronics · Cncsoft-G2

CVE-2024-4192

Weakness Enumeration

Related Identifiers

Affected Products

References · 50