Information security specialists report the detection of a severe vulnerability in Vim, the improved version of the Vi text editor, present in all UNIX systems and developed by Bram Moolenar in 1991. According to the report, successful exploitation of this vulnerability could result in a total compromise of the affected system.

Tracked as CVE-2022-0729, the flaw exists due to a boundary error when processing files in the application would allow remote threat actors to execute arbitrary code on the victim’s system using specially crafted files.

This is a highly severe vulnerability and received a score of 7.7/10 according to the Common Vulnerability Scoring System (CVSS). Information security experts note that the flaw exists in all Vim versions prior to v8.2.4440.

While the flaw can be exploited by unauthenticated remote threat actors, no active exploitation attempts or the existence of a malware variant linked to the exploitation have been identified so far. Still, Vim’s developers recommend applying the available patches as soon as possible to mitigate the risk of attack to the minimum possible.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.

The post Critical buffer overflow vulnerability in Vim text editor. Update your servers appeared first on Information Security Newspaper | Hacking News.

source

You May Also Like

Buffer overflow and code injection vulnerabilities in CODESYS

Cybersecurity specialists reported the finding of at least 4 critical vulnerabilities in…

Zero day XSS vulnerability is SIP protocol can be exploited to take control of VOIP servers and communications

A recent report points out that it is possible to abuse Session…

Critical vulnerabilities allow hacking medical surgical robots and putting lives at risk

Engineering firm Aethon announced the correction of various vulnerabilities in its Tug…