CVE-2021-42993: Integer Overflow
First published: Tue Dec 07 2021(Updated: )
FlexiHub For Windows is affected by Integer Overflow. IOCTL Handler 0x22001B in the FlexiHub For Windows above 2.0.4340 below 5.3.14268 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| RealFlex RealWin | >2.0.4340<5.3.14268 | |
| Microsoft Windows | ||
| RealFlex RealWin | >2.0.4340<5.3.14268 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2021-42993?
CVE-2021-42993 has a high severity rating due to its potential to allow local attackers to execute arbitrary code or cause system crashes.
How do I fix CVE-2021-42993?
To resolve CVE-2021-42993, upgrade FlexiHub to a version above 5.3.14268.
What versions of FlexiHub are affected by CVE-2021-42993?
FlexiHub versions between 2.0.4340 and 5.3.14268 are affected by CVE-2021-42993.
What impact does CVE-2021-42993 have on the system?
CVE-2021-42993 can lead to memory corruption, OS crashes, or arbitrary code execution in kernel mode.
Is CVE-2021-42993 exploitable by remote attackers?
CVE-2021-42993 is not directly exploitable by remote attackers as it requires local access.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/first-publish-date
- agent/description
- agent/last-modified-date
- agent/author
- agent/event
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/flexihub
- canonical/realflex realwin
- vendor/microsoft
- canonical/microsoft windows