CVE-2023-28502
Published: 29 March 2023
Summary
CVE-2023-28502 is a critical-severity Classic Buffer Overflow (CWE-120) vulnerability in Rocket Software UniVerse. Its CVSS base score is 9.8 (Critical).
Operationally, it is ranked in the top 1.4% of CVEs by exploit likelihood. It is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
Deeper analysis
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 contain a stack-based buffer overflow in the udadmin service. The flaw, tracked under CWE-120 and CWE-787, carries a CVSS 3.1 score of 9.8 and permits unauthenticated remote code execution.
An attacker with network access to the UniRPC listener can send a crafted request that overflows the buffer, resulting in arbitrary code execution with root privileges on the affected server. No authentication or user interaction is required, and the attack can be performed over the network.
Public references, including Rapid7’s advisory and Packet Storm postings, point to vendor-supplied updates that remediate the issue by correcting the buffer handling in the udadmin component. Administrators are advised to upgrade UniData and UniVerse to the fixed builds listed in the vendor notices.
EPSS for the CVE rose from low values after disclosure to a peak of 0.8060 in December 2025 before receding to the current 0.6792, indicating increased exploitation interest well after the initial publication. Public proof-of-concept material has been available since shortly after the March 2023 disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-32172
Vulnerability details
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow in the "udadmin" service that can lead to remote code execution as the root user.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Platform-independent managed code eliminates the need for unchecked native buffer copies that are the root cause of classic buffer overflows.
Out-of-bounds writes that corrupt control flow or inject shellcode are rendered non-executable by the same memory protections.