Vulnerabilities

CVE-2021-47797

High
CWE-120 — Weakness Type
Published: Jan 16, 2026  ·  Modified: Feb 28, 2026  ·  Source: NVD
CVSS v3
7.5
📄 Description (English)

Leawo Prof. Media 11.0.0.1 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized payload in the activation keycode field. Attackers can generate a 6000-byte buffer of repeated characters to trigger an application crash when pasted into the registration interface.

🤖 AI Executive Summary

Leawo Prof. Media 11.0.0.1 contains a buffer overflow vulnerability (CWE-120) in the activation keycode field that allows unauthenticated attackers to crash the application via oversized payloads. While currently unexploited in the wild, this vulnerability poses a denial of service risk to organizations using this media software. A patch is available and should be applied immediately to prevent service disruption.

📄 Description (Arabic)

🤖 AI Intelligence Analysis Analyzed: May 1, 2026 11:00
🇸🇦 Saudi Arabia Impact Assessment
This vulnerability primarily affects media production companies, broadcasting organizations, and creative agencies in Saudi Arabia that rely on Leawo Prof. Media for video/audio processing. Secondary impact on government media departments, educational institutions with media labs, and corporate communications teams. The denial of service nature makes it a business continuity concern rather than a data breach risk. Organizations in the entertainment and media sectors (particularly those supporting Vision 2030 digital initiatives) are most vulnerable.
🏢 Affected Saudi Sectors
- Media and Broadcasting
- Entertainment
- Government Media Departments
- Education (Media Labs)
- Corporate Communications
- Creative Agencies
⚖️ Saudi Risk Score (AI)
5.2
/ 10.0
🔧 Remediation Steps (English)
1. IMMEDIATE ACTIONS:
- Identify all systems running Leawo Prof. Media 11.0.0.1 across the organization
- Restrict access to the application's registration interface to trusted personnel only
- Disable remote access to systems running this software if not operationally necessary

2. PATCHING GUIDANCE:
- Download and apply the latest patch from Leawo's official website immediately
- Test the patch in a non-production environment first
- Schedule patching during maintenance windows to minimize disruption
- Verify patch installation by checking application version post-update

3. COMPENSATING CONTROLS (if patching delayed):
- Implement application whitelisting to restrict execution
- Monitor process crashes and application errors for anomalous patterns
- Restrict user permissions to prevent unauthorized software installation
- Use application sandboxing if available

4. DETECTION RULES:
- Monitor for repeated application crashes with error codes related to buffer overflow
- Alert on registration interface access attempts with unusually large input payloads
- Track failed activation attempts with oversized keycode entries (>1000 characters)
- Monitor system logs for Leawo Prof. Media process termination events
🔧 Remediation Steps (Arabic)
1. IMMEDIATE ACTIONS:
- Identify all systems running Leawo Prof. Media 11.0.0.1 in the organization
- Restrict access to the registration interface to trusted personnel only
- Disable remote access to systems running this software where possible

2. PATCHING GUIDANCE:
- Download and apply the latest patch from Leawo's official website immediately
- Test the patch in a non-production environment first
- Schedule patching during maintenance windows to minimize impact
- Verify patch installation by checking the application version after the update

3. COMPENSATING CONTROLS (if patching delayed):
- Apply application whitelisting to restrict execution
- Monitor application crashes and errors for anomalous patterns
- Restrict user permissions to prevent installation of unauthorized software
- Use application sandboxing if available

4. DETECTION RULES:
- Monitor for repeated application crashes related to buffer overflow
- Alert on attempts to access the registration interface with large payloads
- Track failed activation attempts with oversized keycodes (>1000 characters)
- Monitor system logs for Leawo Prof. Media process termination events
📋 Regulatory Compliance Mapping
🟢 NCA ECC 2024
- ECC 2024 A.12.6.1 - Management of technical vulnerabilities
- ECC 2024 A.14.2.1 - Secure development policy
- ECC 2024 A.12.2.1 - Monitoring and logging
🔵 SAMA CSF
- ID.RA-1 - Asset management and vulnerability identification
- PR.IP-12 - Software development and security practices
- DE.CM-1 - Detection and monitoring of anomalies
🟡 ISO 27001:2022
- A.12.6.1 - Management of technical vulnerabilities
- A.14.2.1 - Secure development policy and procedures
- A.12.4.1 - Event logging
📊 CVSS Score
7.5
/ 10.0 — High
📊 CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Attack Vector: N (Network)
- Attack Complexity: L (Low)
- Privileges Required: N (None)
- User Interaction: N (None)
- Scope: U (Unchanged)
- Confidentiality: N (None)
- Integrity: N (None)
- Availability: H (High)
📋 Quick Facts
Severity High
CVSS Score 7.5
CWE CWE-120
EPSS 0.01%
Exploit No
Patch ✓ Yes
Published 2026-01-16
Source Feed nvd
🇸🇦 Saudi Risk Score
5.2
/ 10.0 — Saudi Risk
Priority: HIGH
🏷️ Tags
CWE-120