CVE-2021-37164

CRITICAL

Swisslog Healthcare HMI-3 Control Panel Firmware < 7.2.5.7 - Stack-Based Buffer Overflow in tcpTxThread

Title source: llm
STIX 2.1

Description

A buffer overflow issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. In the tcpTxThread function, the received data is copied to a stack buffer. An off-by-3 condition can occur, resulting in a stack-based buffer overflow.

Scores

CVSS v3 9.8
EPSS 0.0340
EPSS Percentile 87.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (1)
swisslog-healthcare/hmi-3_control_panel_firmware < 7.2.5.7
Published Aug 02, 2021
Tracked Since Feb 18, 2026