CVE-2021-32471
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Insufficient input validation in the Marvin Minsky 1967 implementation of the Universal Turing Machine allows program users to execute arbitrary code via crafted data. For example, a tape head may have an unexpected location after the processing of input composed of As and Bs (instead of 0s and 1s). NOTE: the discoverer states "this vulnerability has no real-world implications."
Una comprobación insuficiente de la entrada en la implementación de Marvin Minsky 1967 de Universal Turing Machine, permite a usuarios del programa ejecutar código arbitrario por medio de datos diseñados. Por ejemplo, un cabezal de cinta puede tener una ubicación inesperada después del procesamiento de una entrada compuesta por As y Bs (en lugar de 0s y 1s). NOTA: el descubridor afirma que "this vulnerability has no real-world implications"
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-05-07 CVE Reserved
- 2021-05-10 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-03 CVE Updated
- 2024-08-03 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-20: Improper Input Validation
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://arxiv.org/abs/2105.02124 | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://github.com/intrinsic-propensity/turing-machine | 2024-08-03 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mit Search vendor "Mit" | Universal Turing Machine Search vendor "Mit" for product "Universal Turing Machine" | - | - |
Affected
| ||||||