What is CVE-2021-42698?

CVE-2021-42698 is a high-severity vulnerability in Azeotech Daqfactory, classified under Deserialization of Untrusted Data. CVSS score: 7.8/10. Published 2021-11-05.

How severe is CVE-2021-42698?

High severity. CVSS v3 base score is 7.8 out of 10.

Deserialization in Azeotech Daqfactory

CVE-2021-42698

Project files are stored memory objects in the form of binary serialized data that can later be read and deserialized again to instantiate the original objects in memory. Malicious manipulation of these files may allow an attacker to corru…

Vulnerability class: Insecure Deserialization

EPSS: 0.001 (31.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.

Affected products

Azeotech Daqfactory — versions All versions

Weakness classification (CWE)

CWE-502 — Deserialization of Untrusted Data

References

us-cert.cisa.gov/ics/advisories/icsa-21-308-02 (x_refsource_MISC)

Frequently asked questions

What is CVE-2021-42698?: CVE-2021-42698 is a high-severity vulnerability in Azeotech Daqfactory, classified under Deserialization of Untrusted Data. CVSS score: 7.8/10. Published 2021-11-05.
How severe is CVE-2021-42698?: High severity. CVSS v3 base score is 7.8 out of 10.