| |
Vulnerability CVE-2024-39883
Published: 2024-07-09 Modified: 2024-07-10
| Description: |
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process. |
Type:
CWE-122 (Heap-based Buffer Overflow)
References: |
https://www.cisa.gov/news-events/ics-advisories/icsa-24-191-01
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
