9.8
CVE-2025-22882
- EPSS 0.35%
- Veröffentlicht 30.04.2025 07:34:43
- Zuletzt bearbeitet 25.08.2025 03:15:36
- Quelle 759f5e80-c8e1-4224-bead-956d7b
- CVE-Watchlists
- Unerledigt
LoginISPSoft File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
Delta Electronics ISPSoft version 3.20 is vulnerable to a Stack-Based buffer overflow vulnerability that could allow an attacker to leverage debugging logic to execute arbitrary code when parsing CBDGL file.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.35% | 0.265 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| 759f5e80-c8e1-4224-bead-956d7b33c98b | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.
https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2025-00004_ISPSoft%20-%20Multiple%20Vulnerabilities_v2.pdf