CVE-2024-0257

Summary

RoboDK v5.5.4

is vulnerable to heap-based buffer overflow while processing a specific project file. The resulting memory corruption may crash the application.

Affected Software

VendorProductVersion RangeStatus
RoboDKRoboDKv5.5.4affected

Weaknesses

  • CWE-122: CWE-122 Heap-based Buffer Overflow

Workarounds

RoboDK did not respond to CISA's attempts at coordination. Users of RoboDK are encouraged to contact RoboDK and keep their systems up to date.

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References