CVE 8.7 HIGH

Stack buffer overflow in method gdv-serverconfig_CVE-2026-35085

June 3, 2026 invoker category_cve
8.7 / 10
HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

A remote attacker with user privileges can exploit a stack buffer overflow in gdv-serverconfig to gain full system access as root.

AI Analysis

Stack buffer overflow in method gdv-serverconfig allows remote attacker to gain full system access as root

Basic Information

ID CVE-2026-35085
Source CERTVDE
Published Jun 3, 2026 at 10:42

Affected Product

Vendor MBS
Product Single-A
Version V1_0_0_0
Affected Versions MBS Single-A V1_0_0_0
MBS Double-A Profibus V1_0_0_0
MBS Double-A x-link V1_0_0_0
MBS Single-X V1_0_0_0
MBS Double-X CAN V1_0_0_0
MBS Double-X DALI V1_0_0_0
MBS Double-X KNX V1_0_0_0
MBS Double-X LON V1_0_0_0
MBS Double-X M-Bus V1_0_0_0
MBS Double-X PROFINET V1_0_0_0
MBS Double-X x-link V1_0_0_0
MBS Triple-X KNX+DALI V1_0_0_0
MBS Triple-X KNX+LON V1_0_0_0
MBS Triple-X KNX+M-Bus V1_0_0_0
MBS Triple-X PROFINET+DALI V1_0_0_0
MBS Triple-X PROFINET+KNX V1_0_0_0
MBS Triple-X PROFINET+LON V1_0_0_0
MBS Triple-X PROFINET+M-Bus V1_0_0_0

CWE Classification

CWE-121

AI Assessment

AI Score 8.7 / 10
AI Severity High
Vendor MBS
Product Single-A, Double-A Profibus, Double-A x-link, Single-X, Double-X CAN, Double-X DALI, Double-X KNX, Double-X LON, Double-X M-Bus, Double-X PROFINET, Double-X x-link, Triple-X KNX+DALI, Triple-X KNX+LON, Triple-X KNX+M-Bus, Triple-X PROFINET+DALI, Triple-X PROFINET+KNX, Triple-X PROFINET+LON, Triple-X PROFINET+M-Bus
Version V1_0_0_0

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.