Impact
This vulnerability is a stack-based buffer overflow (CWE-121) that corrupts the program’s call stack, permitting an attacker to execute arbitrary code on the affected system. The impact is the loss of confidentiality, integrity, and availability as the attacker gains full control of the application.
Affected Systems
Affected software is Labcenter Proteus. Versions 8.x and higher are vulnerable. The vendor recommends upgrading to the latest release, 9.2 SPO, which contains the necessary fix.
Risk and Exploitability
The CVSS score of 8.4 indicates a high severity. available, and the vulnerability is not listed in the CISA KEV catalog. The exploit path is not fully disclosed, but a stack overflow typically requires either local access or an opportunity to deliver a crafted input, possibly through the software’s simulation interfaces.
OpenCVE Enrichment