Back to overview

CVE-2026-13592

HIGH
7.3
CVSS 3.1
Description
A vulnerability was detected in liftoff-sr CIPster up to e8e9dba09bf56962807d3504b783ccdb6287f3e4. Affected by this issue is the function BufWriter::append of the component EtherNet IP Message Handler. Performing a manipulation results in out-of-bounds write. Remote exploitation of the attack is possible. The exploit is now public and may be used. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided. The patch is named 3a0159ed43125dcd024a1965f0289cb186bae9ff. To fix this issue, it is recommended to deploy a patch.

Metadata

CVE ID
CVE-2026-13592
State
PUBLISHED
Assigner
VulDB
Reserved
2026-06-29 05:04 UTC
Published
2026-06-29 17:15 UTC
Last updated
2026-06-29 17:15 UTC
Primary CWE
CWE-787
Out-of-bounds Write
Vendor / Product
liftoff-sr / CIPster
Sources
cve.org  ·  NVD

Severity & Metrics

7.3 HIGH CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Affected products (1)
VendorProductPlatformVersions
liftoff-sr CIPster e8e9dba09bf56962807d3504b783ccdb6287f3e4
Weakness (CWE)
CWESourceDescription
CWE-119 cna Memory Corruption
CWE-787 cna Out-of-bounds Write
CVSS scores (4)
ScoreSeverityVersionSourceVector
7.5 N/D 2.0 cna AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C
7.3 HIGH 3.1 cna CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
7.3 HIGH 3.0 cna CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
6.9 MEDIUM 4.0 cna CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
References (9)
Back to overview