Memory Corruption Vulnerability in Cscape (All versions prior to 9.90 SP4)

Memory Corruption Vulnerability in Cscape (All versions prior to 9.90 SP4)

CVE-2021-22678 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Cscape (All versions prior to 9.90 SP4) lacks proper validation of user-supplied data when parsing project files. This could lead to memory corruption. An attacker could leverage this vulnerability to execute code in the context of the current process.

Learn more about our User Device Pen Test.