This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: Buffer Overflow in **User ID Input** field. π₯ **Consequences**: Remote attackers can execute **arbitrary code** on the target Windows system. Critical integrity and availability loss.
Q2Root Cause? (CWE/Flaw)
π‘οΈ **Root Cause**: **CWE-122** (Heap-based Buffer Overflow). The flaw lies in how the software handles the **User ID input field**, failing to validate bounds properly.
Q3Who is affected? (Versions/Components)
π¦ **Affected**: **Mersenne Research Prime95**. Specifically **Version 29.8 build 6**. Runs on **Windows** OS. Vendor: Mersenne Research, Inc.
Q4What can hackers do? (Privileges/Data)
π **Attacker Capabilities**: Full **Code Execution**. Can gain **High** Confidentiality, Integrity, and Availability impact. Essentially, **Total System Control**.
Q5Is exploitation threshold high? (Auth/Config)
β‘ **Exploitation Threshold**: **LOW**. CVSS: **AV:N** (Network), **AC:L** (Low Complexity), **PR:N** (No Privileges), **UI:N** (No User Interaction). Easy to exploit remotely.
Q6Is there a public Exp? (PoC/Wild Exploitation)
π **Public Exploit**: **YES**. ExploitDB ID **47802** is available. Wild exploitation is possible as the vector is network-based and requires no user interaction.
Q7How to self-check? (Features/Scanning)
π **Self-Check**: Scan for **Prime95** installed on Windows. Verify version is exactly **29.8 build 6**. Look for network-facing services exposing the User ID input.
π§ **No Patch Workaround**: **Isolate** the machine. Block network access to the Prime95 service. Disable the application if not strictly needed for Mersenne Prime searches.