CVE-2021-21958
Published 2022-02-16
Priority: P337 · high · CVSS 3.1: 7.8
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS: 1.03% (59.4th percentile)
A heap-based buffer overflow vulnerability exists in the Hword HwordApp.dll functionality of Hancom Office 2020 11.0.0.2353. A specially-crafted malformed file can lead to memory corruption and potential arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hancom | hancom_office_2020 | — | — |
| hancom | hancom_office_2020 | — | — |
CVSS provenance
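| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| nvd | v3.0 | 7.8 | HIGH | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |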
No detection rules found.
No public exploits indexed.
Talos
blogs_talos·2022-02-16·CVSS 7.8
## Vulnerability Spotlight: Vulnerability in Hancom Office could lead to memory corruption, code execution
Marcin “Icewall” Noga of Cisco Talos discovered these vulnerabilities.
Cisco Talos recently discovered a vulnerability in Hancom Office — a popular software suite in South Korea — that could allow an attacker to corrupt memory on the targeted machine or execute remote code.
Hancom Office offers services similar to those of Microsoft Office, including word processing and spreadsheet creation and management.
TALOS-2021-1386 (CVE-2021-21958) exists in Hancom Office’s HwordApp.dll. An attacker-created malicious document could trigger a heap-based buffer overflow, eventually leading to code execution and/or memory corruption if the attacker follows a specific attack vector.
Cisco Talos worked with Hancom to ensure that these issues are resolved and an update is available for affected custome