CVE-2026-35085
Stack Buffer Overflow in gdv-serverconfig Leads to Root Access
Publication date: 2026-06-03
Last updated on: 2026-06-03
Assigner: CERT VDE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability allows a remote attacker with user privileges to exploit a stack buffer overflow in gdv-serverconfig and gain full system access as root.
Such unauthorized full system access could lead to unauthorized disclosure, modification, or destruction of sensitive data, which may impact compliance with data protection standards and regulations such as GDPR and HIPAA.
However, specific effects on compliance are not detailed in the provided information.
Can you explain this vulnerability to me?
This vulnerability is a stack buffer overflow in the gdv-serverconfig component that can be exploited remotely by an attacker who already has user privileges.
By exploiting this overflow, the attacker can escalate their privileges and gain full system access with root-level permissions.
How can this vulnerability impact me? :
The impact of this vulnerability is severe because it allows an attacker with limited user privileges to gain complete control over the affected system as root.
- Full system compromise
- Potential unauthorized access to sensitive data
- Ability to install malware or modify system configurations
- Disruption of system availability or integrity