github - ghsa-rvhx-r576-jx25

ghsa-rvhx-r576-jx25

Vulnerability from github

Published

2022-01-15 00:01

Modified

2022-01-22 00:02

Details

WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-23138"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-01-14T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code.",
  "id": "GHSA-rvhx-r576-jx25",
  "modified": "2022-01-22T00:02:08Z",
  "published": "2022-01-15T00:01:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23138"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-03"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-129"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-131"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-133"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-134"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-135"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-136"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-137"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-138"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-139"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-140"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-141"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-142"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2021-23138 (GCVE-0-2021-23138)

Vulnerability from cvelistv5

Published

2022-01-14 19:10

Modified

2025-04-16 18:02

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-121 - Stack-based Buffer Overflow

Summary

WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code.

References

URL

Tags

	https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-03	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-22-133/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-22-139/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-22-134/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-22-136/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-22-138/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-22-141/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-22-137/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-22-131/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-22-135/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-22-142/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-22-129/	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-22-140/	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	WECON	LeviStudioU	Version: All <

Show details on NVD website