Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU85062
Risk: Low
CVSSv3.1: 5.2 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error. A local administrator attacker can trigger stack-based buffer overflow and cause a denial of service condition on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMR80: before 1.1.7.12
MS80: before 1.1.7.12
MK82: before 1.1.7.12
CBR750: before 4.6.14.4
RBRE960: before 7.2.6.21
RBSE960: before 7.2.6.21
RBKE962: before 7.2.6.21
MR70: before 7.0.2.26
MS70: before 7.0.2.26
MK72: before 7.0.2.26
MR60: before 1.1.6.124
MS60: before 1.1.6.124
MK62: before 1.1.6.124
RAX38v2: before 1.0.11.112
RAX48: before 1.0.11.112
RAX43: before 1.0.11.112
RAX50: before 1.0.11.112
RAX35v2: before 1.0.11.112
RAX45: before 1.0.11.112
RAX40v2: before 1.0.11.112
RAX50S: before 1.0.11.112
RAX42: before 1.0.11.112
RAXE500: before 1.0.10.82
RAXE450: before 1.0.10.82
RBR750: before 4.6.9.11
RBS750: before 4.6.9.11
RBK752: before 4.6.9.11
RBR850: before 4.6.9.11
RBS850: before 4.6.9.11
RBK852: before 4.6.9.11
RBR840: before 4.6.9.11
RBS840: before 4.6.9.11
RBK842: before 4.6.9.11
External linksQ & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.