CVE-2021-44504
Published: 15 April 2022
Summary
CVE-2021-44504 is a high-severity Incorrect Calculation (CWE-682) vulnerability in Fisglobal Gt.M. Its CVSS base score is 7.5 (High).
Operationally, it is ranked in the top 32.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2021-31337
Vulnerability details
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause a size variable, stored as a signed int, to equal an extremely large value, which is interpreted as a negative value during a check. This value is then used in a memcpy call on the stack, causing a memory segmentation fault.
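The bug class described above, as an added example that is not GT.M or YottaDB code: a signed length that passes an upper-bound-only check while negative, next to a check that rejects it before the copy. All function names, `BUF_CAP` and the sample values are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define BUF_CAP 64   /* constructed stack-buffer capacity (assumption) */

/* A large unsigned length from input, stored in a signed 32-bit variable. */
int32_t store_as_signed(uint32_t wire_len)
{
    int32_t len;
    memcpy(&len, &wire_len, sizeof len);   /* same bits, signed view */
    return len;
}

/* Flawed pattern: only the upper bound is tested, so a negative length
 * passes. Returns 1 if the copy would go ahead. No copy happens here. */
int flawed_check_accepts(int32_t len)
{
    return len <= BUF_CAP;
}

/* The size memcpy would receive once that length is converted to size_t. */
size_t as_memcpy_size(int32_t len)
{
    return (size_t)len;
}

/* Hardened form: reject negatives first, then compare as unsigned against
 * both buffers. Returns the number of bytes copied, or -1 if rejected. */
int checked_copy(unsigned char *dst, size_t dst_cap,
                 const unsigned char *src, size_t src_len, int32_t len)
{
    if (len < 0)
        return -1;
    size_t n = (size_t)len;
    if (n > dst_cap || n > src_len)
        return -1;
    memcpy(dst, src, n);
    return (int)n;
}

int main(void)
{
    unsigned char dst[BUF_CAP];
    const unsigned char src[8] = "abcdefg";          /* constructed input */
    int32_t len = store_as_signed(0xFFFFFFF0u);      /* constructed value */
    printf("len=%d flawed_accepts=%d memcpy_size=%zu checked=%d\n",
           (int)len, flawed_check_accepts(len), as_memcpy_size(len),
           checked_copy(dst, sizeof dst, src, sizeof src, len));
    return 0;
}
```

Compiling with `-Wsign-conversion` and `-Wconversion` flags the implicit signed-to-`size_t` conversions that make this pattern easy to miss in review.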
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.