CVE-2021-40418
published 2021-12-22CVE-2021-40418: When parsing a file that is submitted to the DPDecoder service as a job, the R3D SDK will mistakenly skip over the assignment of a property containing an…
PriorityP263critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
17.95%
96.8th percentile
When parsing a file that is submitted to the DPDecoder service as a job, the R3D SDK will mistakenly skip over the assignment of a property containing an object referring to a UUID that was parsed from a frame within the video container. Upon destruction of the object that owns it, the uninitialized member will be dereferenced and then destroyed using the object’s virtual destructor. Due to the object property being uninitialized, this can result in dereferencing an arbitrary pointer for the object’s virtual method table, which can result in code execution under the context of the application.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| blackmagicdesign | davinci_resolve | — | — |
Detection & IOCsextracted from sources · hover to see the quote
snort↗
58716
snort↗
58717
snort↗
58749
snort↗
58750
- →Exploitation is triggered when a specially crafted video file is submitted to the DPDecoder service as a job, resulting in an uninitialized object member dereference via an incorrect UUID parsed from a frame within the video container. ↗
- →Flag or inspect video files submitted to DaVinci Resolve's DPDecoder service; exploitation does not require user interaction and is activated during video file decode. ↗
- ·Confirmed vulnerable version is Blackmagic Design DaVinci Resolve 17.3.1.0005; Snort rules 58716, 58717, 58749, 58750 are subject to change as additional vulnerability information becomes available. ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Checkpoint
27th December – Threat Intelligence Report
blogs_checkpoint·2021-12-26·CVSS 10.0
CVE-2021-44228 [CRITICAL] 27th December – Threat Intelligence Report
Latest Publications
CPR Podcast Channel
AI Research
Web 3.0 Security
Intelligence Reports
ThreatCloud AI
Threat Intelligence & Research
Zero Day Protection
Sandblast File Analysis
About Us
SUBSCRIBE
2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
## 27th December – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 27th December, please download our Threat Intelligence Bulletin .
Top Attacks and Breaches
Researchers have revealed an APT-like campaign targeting the US Federal Government Commission on international rights and religious freedom. Threat actors used a backdoor that possibly gave them full visibility and control over the compromised network for further exploitation.
New phishing campaign is luring victims in
Talos
Vulnerability Spotlight: Vulnerabilities in DaVinci Resolve video editing software could lead to code execution
blogs_talos·2021-12-20·CVSS 9.8
[CRITICAL] Vulnerability Spotlight: Vulnerabilities in DaVinci Resolve video editing software could lead to code execution
## Vulnerability Spotlight: Vulnerabilities in DaVinci Resolve video editing software could lead to code execution
Cisco Talos recently discovered two vulnerabilities in the DaVinci Resolve video editing software that could allow an adversary to execute code in the context of the application.
DaVinci Resolve is a non-linear video editing application from Blackmagic Software that is available on multiple operating systems. Both these vulnerabilities exist in the DPDecoder service inside DaVinci Resolve.
TALOS-2021-1426 (CVE-2021-40417) is a heap-based buffer overflow vulnerability that occurs when the application faces an integer overflow condition that leads to a sign extension while trying to decode a video file. Alternatively, TALOS-2021-1427 (CVE-2021-40418) could also lead to code e
Talos
Vulnerability Spotlight: Vulnerabilities in DaVinci Resolve video editing software could lead to code execution
blogs_talos·2021-12-20·CVSS 9.8
CVE-2021-40417 [CRITICAL] Vulnerability Spotlight: Vulnerabilities in DaVinci Resolve video editing software could lead to code execution
Cisco Talos recently discovered two vulnerabilities in the DaVinci Resolve video editing software that could allow an adversary to execute code in the context of the application.
DaVinci Resolve is a non-linear video editing application from Blackmagic Software that is available on multiple operating systems. Both these vulnerabilities exist in the DPDecoder service inside DaVinci Resolve.
TALOS-2021-1426 (CVE-2021-40417) is a heap-based buffer overflow vulnerability that occurs when the application faces an integer overflow condition that leads to a sign extension while trying to decode a video file. Alternatively, TALOS-2021-1427 (CVE-2021-40418) could also lead to code execution, but is instead triggered as the result of an uninitialized object member as a result of an incorrect UUID.
2021-12-22
Published