https://feed.craftedsignal.io/tags/cve-2017-20228/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioSat, 28 Mar 2026 12:16:02 +0000https://feed.craftedsignal.io/briefs/2026-03-flat-assembler-overflow/Sat, 28 Mar 2026 12:16:02 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-flat-assembler-overflow/Flat Assembler version 1.71.21 is susceptible to a stack-based buffer overflow vulnerability, allowing local attackers to achieve arbitrary code execution by providing a crafted, oversized input file.<p>The Flat Assembler (FASM) version 1.71.21 is vulnerable to a stack-based buffer overflow (CVE-2017-20228). This vulnerability allows a local attacker to execute arbitrary code on a vulnerable system. The attack requires the attacker to supply a specially crafted assembly file as input to FASM. By providing an input file larger than 5895 bytes, the attacker can overwrite the instruction pointer, leading to arbitrary code execution. This is achieved through return-oriented programming (ROP)…</p> highadvisorycve-2017-20228buffer-overflowlocal-privilege-escalation