CVE-2021-37164
N/A
N/A
Summary
A buffer overflow issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. In the tcpTxThread function, the received data is copied to a stack buffer. An off-by-3 condition can occur, resulting in a stack-based buffer overflow.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://www.swisslog-healthcare.com
- https://www.armis.com/PwnedPiper
- https://www.swisslog-healthcare.com/en-us/customer-care/security-information/cve-disclosures#:~:text=CVE%20Disclosures%20%20%20%20Vulnerability%20Name%20%2C%20%20CVE-2021-37164%20%204%20more%20rows%20
- https://www.swisslog-healthcare.com/-/media/swisslog-healthcare/documents/customer-service/armis-documents/cve-2021-37164-bulletin—off-by-three-stack-overflow-in-tcptxthread.pdf?rev=daf615075c71484c8059c906872a51e6&hash=1FCC1A5D921E231D71E6B95A9AA8B741
References
- https://www.swisslog-healthcare.com
- https://www.armis.com/PwnedPiper
- https://www.swisslog-healthcare.com/en-us/customer-care/security-information/cve-disclosures#:~:text=CVE%20Disclosures%20%20%20%20Vulnerability%20Name%20%2C%20%20CVE-2021-37164%20%204%20more%20rows%20
- https://www.swisslog-healthcare.com/-/media/swisslog-healthcare/documents/customer-service/armis-documents/cve-2021-37164-bulletin—off-by-three-stack-overflow-in-tcptxthread.pdf?rev=daf615075c71484c8059c906872a51e6&hash=1FCC1A5D921E231D71E6B95A9AA8B741
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.