216.73.216.6

CVE-2025-5555

· Published 18/10/2025 08:15 · Modified 18/10/2025 08:15

Labels: CVE-2025-5555 2025-10-18CVE-2025-5555CWE-119[email protected]

Essential information

Published
18/10/2025 08:15
Modified
18/10/2025 08:15
Author
Creator
CVSS
8.5 HIGH (v3) 8.5 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A vulnerability has been found in Nixdorf Wincor PORT IO Driver up to 1.0.0.1. This affects the function sub_11100 in the library wnport.sys of the component IOCTL Handler. Such manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Upgrading to version 3.0.0.1 is able to mitigate this issue. Upgrading the affected component is recommended. The vendor was contacted beforehand and was able to provide a patch very early.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
nixdorf wincor / port io driver cpe:2.3:a:nixdorf_wincor:port_io_driver:*:*:*:*:*:*:*:*
nixdorf wincor / port io driver cpe:2.3:a:nixdorf_wincor:port_io_driver:3.0.0.1:*:*:*:*:*:*:*

References