CVE-2021-4478 HIGH

CVE-2021-4478: Dräger CC-Vision Basic and CC-Vision E-Cal Out-of-Bounds Write via Malicious GDT File

Vendor Dräger
Product CC-Vision Basic
Weakness CWE-787
Published June 2, 2026
Last update June 3, 2026

CVSS base score

8.3/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H

What the vulnerability does

01Description

Dräger CC-Vision Basic before 7.5.3 and Dräger CC-Vision E-Cal before 7.2.5.0 contain an out-of-bounds write vulnerability when loading .gdt files. A crafted .gdt file can trigger a buffer overflow during file parsing, allowing an attacker to crash the application or execute malicious code on the underlying system.

Key dates

02Disclosure timeline

June 2, 2026 CVE published
June 3, 2026 Record updated