Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-123 (任意地址可写任意内容条件) — Vulnerability Class 32

32 vulnerabilities classified as CWE-123 (任意地址可写任意内容条件). AI Chinese analysis included.

CWE-123 represents a critical memory safety vulnerability where an attacker gains the ability to write arbitrary data to arbitrary memory locations, frequently resulting from unchecked buffer overflows. This weakness allows malicious actors to overwrite critical program structures, such as return addresses or function pointers, thereby hijacking control flow to execute injected shellcode or arbitrary commands. Exploitation typically involves crafting specific input that exceeds buffer boundaries, corrupting adjacent memory to achieve remote code execution or privilege escalation. To mitigate this risk, developers must implement rigorous bounds checking on all array accesses and buffer operations. Utilizing modern, memory-safe programming languages that handle memory management automatically, employing compiler-based protections like stack canaries and Address Space Layout Randomization, and conducting thorough static and dynamic code analysis are essential strategies to prevent such arbitrary writes and ensure application integrity.

MITRE CWE Description
Any condition where the attacker has the ability to write an arbitrary value to an arbitrary location, often as the result of a buffer overflow.
Common Consequences (3)
Integrity, Confidentiality, Availability, Access ControlModify Memory, Execute Unauthorized Code or Commands, Gain Privileges or Assume Identity, DoS: Crash, Exit, or Restart, Bypass Protection Mechanism
Clearly, write-what-where conditions can be used to write data to areas of memory outside the scope of a policy. Also, they almost invariably can be used to execute arbitrary code, which is usually outside the scope of a program's implicit security policy. If the attacker can overwrite a pointer's w…
Integrity, AvailabilityDoS: Crash, Exit, or Restart, Modify Memory
Many memory accesses can lead to program termination, such as when writing to addresses that are invalid for the current process.
Access Control, OtherBypass Protection Mechanism, Other
When the consequence is arbitrary code execution, this can often be used to subvert any other security service.
Mitigations (2)
Architecture and DesignUse a language that provides appropriate memory abstractions.
OperationUse OS-level preventative functionality integrated after the fact. Not a complete solution.
Examples (1)
The classic example of a write-what-where condition occurs when the accounting information for memory allocations is overwritten in a particular fashion. Here is an example of potentially vulnerable code:
#define BUFSIZE 256 int main(int argc, char **argv) { char *buf1 = (char *) malloc(BUFSIZE); char *buf2 = (char *) malloc(BUFSIZE); strcpy(buf1, argv[1]); free(buf2); }
Bad · C
CVE IDTitleCVSSSeverityPublished
CVE-2026-41952 Acronis Cyber Protect Cloud Agent和Acronis DeviceLock DLP 安全漏洞 — Acronis DeviceLock DLP 7.8AIHighAI2026-04-29
CVE-2025-14857 Semtech LR11xx Memory Write Access Control Bypass — LR1110 6.8AIMediumAI2026-04-07
CVE-2025-29943 AMD CPU 安全漏洞 — AMD EPYC™ 9004 Series Processors 6.7 -2026-01-16
CVE-2025-9900 Libtiff: libtiff write-what-where 8.8 High2025-09-23
CVE-2025-7403 Bluetooth: bt_conn_tx_processor unsafe handling — Zephyr 7.6 High2025-09-19
CVE-2025-33045 Legacy Serial Redirection SMRAM Vulnerabilities — AptioV 8.2 High2025-09-09
CVE-2025-55298 ImageMagick Format String Bug in InterpretImageFilename leads to arbitrary code execution — ImageMagick 7.5 High2025-08-26
CVE-2024-20141 MediaTek Chipsets 缓冲区错误漏洞 — MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8167, MT8167S, MT8175, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8395, MT8666, MT8667, MT8673, MT8675, MT8678, MT8765, MT8766, MT8768, MT8771, MT8775, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8795T, MT8797, MT8798, MT8893 6.6 -2025-02-03
CVE-2024-47438 Substance3D - Painter | Write-what-where Condition (CWE-123) — Substance3D - Painter 5.5 Medium2024-11-12
CVE-2024-20119 MediaTek Chipsets 安全漏洞 — MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6883, MT6885, MT6889, MT6893, MT8676 6.7AIMediumAI2024-11-04
CVE-2024-20118 MediaTek Chipsets 安全漏洞 — MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6883, MT6885, MT6889, MT6893, MT8676, MT8792 6.7AIMediumAI2024-11-04
CVE-2024-45142 Substance3D - Stager | Write-what-where Condition (CWE-123) — Substance3D - Stager 7.8 High2024-10-09
CVE-2024-42479 llama.cpp allows write-what-where in rpc_server::set_tensor — llama.cpp 10.0 Critical2024-08-12
CVE-2024-6563 Buffer Overflow Arbitrary Write — rcar_gen3_v2.5 7.5 High2024-07-08
CVE-2024-20741 Adobe Substance 3D Paint ICO Parsing Access Violation Write Vulnerability — Substance3D - Painter 7.8 High2024-02-15
CVE-2021-45465 Siemens Syngo FastView 安全漏洞 — syngo fastView 7.8 High2024-01-04
CVE-2022-38143 OpenImageIO 缓冲区错误漏洞 — OpenImageIO 9.8 -2022-12-23
CVE-2022-1523 Fuji Electric D300win Write-what-where condition — D300win 6.1 Medium2022-10-19
CVE-2022-40262 The arbitrary write vulnerability in S3Resume2Pei leads to arbitrary code execution during PEI phase. — Aptio 8.2 -2022-09-20
CVE-2022-40246 Arbitrary write vulnerability in SbPei module leads to arbitrary code execution during PEI phase. — Aptio 8.2 -2022-09-20
CVE-2021-38441 Eclipse CycloneDDS Write-what-where Condition — CycloneDDS 6.6 Medium2022-05-05
CVE-2021-42540 Emerson WirelessHART Gateway — WirelessHART Gateway 8.0 High2021-10-22
CVE-2021-38449 AUVESY Versiondog — Versiondog 9.8 Critical2021-10-22
CVE-2021-36057 XMP Toolkit SDK Write-What-Where Condition Could Lead To Local Application Denial Of Service — XMP Toolkit 3.3 -2021-09-01
CVE-2021-1520 Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Local Privilege Escalation Vulnerability — Cisco Small Business RV Series Router Firmware 6.7 Medium2021-05-06
CVE-2021-1390 Cisco IOS XE Software Local Privilege Escalation Vulnerability — Cisco IOS XE Software 5.1 Medium2021-03-24
CVE-2020-7560 Schneider Electric EcoStruxure Control Expert 输入验证错误漏洞 — EcoStruxure™ Control Expert (all versions) and Unity Pro (former name of EcoStruxure™ Control Expert) (all versions) 7.8 -2020-12-11
CVE-2020-16225 Delta Electronics TPEditor 缓冲区错误漏洞 — Delta Electronics TPEditor 7.8 -2020-08-06
CVE-2020-2001 PAN-OS: Panorama External control of file vulnerability leads to privilege escalation — PAN-OS 8.1 High2020-05-13
CVE-2014-5435 Honeywell International Experion PKS 缓冲区错误漏洞 — Experion PKS 9.8 -2019-04-08

Vulnerabilities classified as CWE-123 (任意地址可写任意内容条件) represent 32 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.