Furthermore in case an attacker has some control over the read flash memory, this may result in execution of arbitrary code and platform compromise. In example `ux_slave_class_dfu_read` may read 4096 bytes (or more up to 65k) to a 256 byte buffer ultimately resulting in an overflow. Was ZDI-CAN-16554.Ī vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0), SIMATIC CP 1543-1 (All versions = V2.0), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 1543-1 (All versions ux_slave_class_dfu_read`, a buffer overflow may occur. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. ![]() ![]() The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. The specific flaw exists within the ACPI virtual device. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. ![]() ![]() This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 17.1.1 (51537).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |