CVE-2021-42983: Buffer Overflow
First published: Tue Dec 07 2021(Updated: )
NoMachine Enterprise Client is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Enterprise Client above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NoMachine Enterprise Client | >4.0.346<7.7.4 | |
| >4.0.346<7.7.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of the Buffer Overflow vulnerability affecting NoMachine Enterprise Client?
The vulnerability ID is CVE-2021-42983.
What is the severity of CVE-2021-42983?
The severity of CVE-2021-42983 is high with a CVSS score of 8.8.
Which software versions of NoMachine Enterprise Client are affected by CVE-2021-42983?
NoMachine Enterprise Client versions above 4.0.346 and below 7.7.4 are affected by CVE-2021-42983.
What can an attacker do with CVE-2021-42983?
An attacker can execute arbitrary code in kernel mode or cause a denial of service by exploiting CVE-2021-42983.
Is there a fix available for CVE-2021-42983?
It is recommended to update NoMachine Enterprise Client to a version higher than or equal to 7.7.4 to mitigate CVE-2021-42983.
- collector/nvd-index
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/references
- agent/first-publish-date
- agent/description
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/author
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/nomachine
- canonical/nomachine enterprise client