Details of VAR-202105-1696

ID

VAR-202105-1696

TITLE

ATO Technology Co., Ltd. NATouch touch screen has an integer overflow vulnerability

Trust: 0.6

sources: CNVD: CNVD-2021-26086

DESCRIPTION

Nanda Autotech Jiangsu Co., Ltd. is committed to independent research and development and production of cutting-edge industrial control products with reliable performance, excellent quality and advanced technology. There is an integer overflow vulnerability in the NATouch touch screen of Autotop Technology Co., Ltd. Attackers can use this vulnerability to cause the program to crash.

Trust: 0.6

sources: CNVD: CNVD-2021-26086

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-26086

AFFECTED PRODUCTS

vendor:

autotop

model:

natouch touch screen

scope:

version:

1.0.0.6

Trust: 0.6

sources: CNVD: CNVD-2021-26086

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2021-26086
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2021-26086
severity:	MEDIUM
baseScore:	4.9
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2021-26086

EXTERNAL IDS

db:

CNVD

id:

CNVD-2021-26086

Trust: 0.6

sources: CNVD: CNVD-2021-26086

SOURCES

db:

CNVD

id:

CNVD-2021-26086

LAST UPDATE DATE

2022-05-04T09:08:34.586000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2021-26086

date:

2021-04-13T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2021-26086

date:

2021-05-01T00:00:00