Vulnerabilities ›

CVE-2026-35083

High

CWE-121 — Weakness Type

                    Published: Jun 3, 2026                      ·  Modified: Jun 10, 2026                      ·  Source: NVD                

CVSS v3

8.8

🔗 NVD Official

📄 Description (English)

A remote attacker with user privileges can exploit a stack buffer overflow to gain full system access as root.

🤖 AI Executive Summary

CVE-2026-35083 is a stack buffer overflow vulnerability (CWE-121) that allows authenticated remote attackers to achieve arbitrary code execution with root privileges. The vulnerability has a CVSS score of 8.8, indicating high severity and significant risk to affected systems.

📄 Description (Arabic)

ثغرة تجاوز مخزن مؤقت في المكدس تسمح للمهاجمين البعيدين الذين لديهم امتيازات المستخدم باستغلالها للحصول على وصول كامل للنظام برصلاحيات الجذر. تؤثر هذه الثغرة على سلامة النظام وسريته بشكل كبير وتتطلب تصحيحاً فورياً.

🤖 ملخص تنفيذي (AI)

This vulnerability enables remote attackers with user-level access to exploit a stack buffer overflow and gain complete system control with root privileges. With a CVSS score of 8.8, it poses a critical threat to system integrity and confidentiality.

🤖 AI Intelligence Analysis Analyzed: Jun 7, 2026 18:01

🇸🇦 Saudi Arabia Impact Assessment

Saudi Relevance: high

🏢 Affected Saudi Sectors

banking telecom energy government healthcare

🎯 MITRE ATT&CK Techniques

T1190 T1548 T1059 T1078

⚖️ Saudi Risk Score (AI)

9.0

/ 10.0

🔧 Remediation Steps (English)

Apply security patches immediately when available. Implement network segmentation to restrict user access. Deploy intrusion detection systems to monitor for exploitation attempts. Enforce principle of least privilege for user accounts. Monitor system logs for suspicious buffer overflow attempts.

🔧 خطوات المعالجة (العربية)

طبّق التصحيحات الأمنية فوراً عند توفرها. نفّذ تقسيم الشبكة لتقييد وصول المستخدمين. نشّر أنظمة كشف الاختراق لمراقبة محاولات الاستغلال. فرّض مبدأ أقل صلاحية للحسابات. راقب سجلات النظام للكشف عن محاولات تجاوز المخزن المؤقت المريبة.

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

A.7.1.1 A.7.2.1 A.8.1.1 A.12.2.1

🔵 SAMA CSF

ID.AM-2 PR.AC-1 PR.AC-4 DE.CM-1

🟡 ISO 27001:2022

A.5.1.1 A.6.1.1 A.7.1.1 A.12.2.1 A.12.6.1

🔗 References & Sources 1

🔗

https://www.certvde.com/en/advisories/VDE-2026-039/

info@cert.vde.com

Vendor Advisory

📦 Affected Products / CPE 1 entries

mbs-solutions:universal_gateway_firmware

📊 CVSS Score

8.8

/ 10.0 — High

📊 CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack VectorN — None / Network

Attack ComplexityL — Low / Local

Privileges RequiredL — Low / Local

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityH — High

IntegrityH — High

AvailabilityH — High

📋 Quick Facts

Severity High

CVSS Score8.8

CWECWE-121

EPSS0.10%

Exploit No

Patch ✗ No

Published 2026-06-03

Source Feed nvd

🇸🇦 Saudi Risk Score

9.0

/ 10.0 — Saudi Risk

Priority: CRITICAL

🏷️ Tags

CWE-121

🏢 Vendor Advisories

🔗 https://www.certvde.com/en/advisories/VDE-2026-039/

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

CVE-2026-35083

Introduce Yourself

Sign In Required