Buffer overflow in CloudMe - #VU28209

 

Buffer overflow in CloudMe - #VU28209

Published: May 25, 2020


Vulnerability identifier: #VU28209
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: N/A
CWE-ID: CWE-119
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: CloudMe
Affected software:
CloudMe

Detailed vulnerability description

The vulnerability allows a remote attacker to execute arbitrary code on the target system or perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error. A remote attacker can send a specially crafted payload, trigger memory corruption and execute arbitrary code on the target system or cause the application to crash.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Sources