Arbitrary Value Write Vulnerability in Eclipse CycloneDDS XML Parser

Arbitrary Value Write Vulnerability in Eclipse CycloneDDS XML Parser

CVE-2021-38443 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Eclipse CycloneDDS versions prior to 0.8.0 improperly handle invalid structures, which may allow an attacker to write arbitrary values in the XML parser.

Learn more about our Web Application Penetration Testing UK.