Integer Overflow Vulnerability in NoMachine Enterprise Desktop

Integer Overflow Vulnerability in NoMachine Enterprise Desktop

CVE-2021-42977 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

NoMachine Enterprise Desktop is affected by Integer Overflow. IOCTL Handler 0x22001B in the NoMachine Enterprise Desktop above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.

Learn more about our Cis Benchmark Audit For Desktop Software.