CVE-2021-4478
Out-of-Bounds Write in Dräger CC-Vision Basic and E-Cal
Publication date: 2026-06-02
Last updated on: 2026-06-02
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dräger | cc-vision_basic | to 7.5.3 (exc) |
| dräger | cc-vision_e-cal | to 7.2.5.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Dräger CC-Vision Basic versions before 7.5.3 and Dräger CC-Vision E-Cal versions before 7.2.5.0. It is caused by an out-of-bounds write when loading .gdt files. Specifically, a specially crafted .gdt file can trigger a buffer overflow during the file parsing process.
This buffer overflow can allow an attacker to either crash the application or execute malicious code on the underlying system.
How can this vulnerability impact me? :
The impact of this vulnerability includes the potential for an attacker to crash the affected application, causing denial of service.
More seriously, the attacker may be able to execute arbitrary malicious code on the underlying system, which could lead to unauthorized control, data manipulation, or further compromise of the system.