CVE-2020-16199

7.8

7.8 / 10
HIGH

Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and prior. Multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application.

Weakness: Out-of-bounds Write

The software writes data past the end, or before the beginning, of the intended buffer.

Published: 2020-08-04

Researcher Credit

kimiya

Vulnerable Products

Cncsoft Screeneditor

Community Advisory

This section is open source, for any additional information that enhances or clarifies the official advisory above.

Improve Advisory

CVE-2020-16199 Exploits

Exploits for CVE-2020-16199 are not publicly available.

Access our inventory of exclusive N-Day CVE Exploits, provided for legal security research and testing purposes. Inquire about our offerings by email: [email protected] (PGP key).

Official CVE References

View references (4)

cisa.gov/ics/advisories/icsa-20-217-01
zerodayinitiative.com/advisories/ZDI-20-939/
zerodayinitiative.com/advisories/ZDI-20-940/
zerodayinitiative.com/advisories/ZDI-20-943/