CVE-2021-21962

Severity: Critical
Year: 2021
CVSS v3 Score: 9.0 (Critical)
CVSS v2 Score: 6.8 (Medium)

Vulnerability Description

A heap-based buffer overflow vulnerability exists in the OTA Update u-download functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A series of specially-crafted MQTT payloads can lead to remote code execution. An attacker must perform a man-in-the-middle attack in order to trigger this vulnerability.

CVSS:9.0(Critical)

EVerest is an EV charging software stack. An integer overflow in the "v2g_incoming_v2gtp" function in the v2g_server.cpp implementation can allow a remote attacker to overflow the process' heap. This ...

CVSS:9.1(Critical)

KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital ...

CVSS:9.1(Critical)

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The spec...

CVSS:9.1(Critical)

Due to a failure in validating the number of scanline samples of an OpenEXR file containing deep scanline data, Academy Software Foundation OpenEXR image parsing library version 3.2.1 and prior is susce...

CVSS:9.1(Critical)

KEPServerEX is vulnerable to a buffer overflow which may allow an attacker to crash the product being accessed or leak information.

CVSS:9.1(Critical)

Windows Network Virtualization Remote Code Execution Vulnerability