Stack-based Buffer Overflow in HMI3 Control Panel of Swisslog Healthcare Nexus Panel

Stack-based Buffer Overflow in HMI3 Control Panel of Swisslog Healthcare Nexus Panel

CVE-2021-37164 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

A buffer overflow issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. In the tcpTxThread function, the received data is copied to a stack buffer. An off-by-3 condition can occur, resulting in a stack-based buffer overflow.

Learn more about our Web Application Penetration Testing UK.