CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-47949

The Nintendo NetworkBuffer class, as used in Animal Crossing: New Horizons before 2.0.6 and other products, allows remote attackers to execute arbitrary code via a large UDP packet that causes a buffer overflow, aka ENLBufferPwn. The victim must join a game session with the attacker. Other affected products include Mario Kart 7 before 1.2, Mario Kart 8, Mario Kart 8 Deluxe before 2.1.0, ARMS before 5.4.1, Splatoon, Splatoon 2 before 5.5.1, Splatoon 3 before late 2022, Super Mario Maker 2 before 3.0.2, and Nintendo Switch Sports before late 2022.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.526

EPSS Ranking 97.8%

CVSS Severity

CVSS v3 Score 9.8

References

Products affected by CVE-2022-47949

Nintendo » Animal Crossing » Version: _new_horizons

cpe:2.3:a:nintendo:animal_crossing:_new_horizons
Nintendo » Arms » Version: N/A

cpe:2.3:a:nintendo:arms:-
Nintendo » Mario Kart 7 » Version: N/A

cpe:2.3:a:nintendo:mario_kart_7:-
Nintendo » Mario Kart 8 » Version: N/A

cpe:2.3:a:nintendo:mario_kart_8:-
Nintendo » Splatoon » Version: N/A

cpe:2.3:a:nintendo:splatoon:-
Nintendo » Splatoon 2 » Version: N/A

cpe:2.3:a:nintendo:splatoon_2:-
Nintendo » Splatoon 3 » Version: N/A

cpe:2.3:a:nintendo:splatoon_3:-
Nintendo » Super Mario Maker 2 » Version: N/A

cpe:2.3:a:nintendo:super_mario_maker_2:-
Nintendo » Switch Sports » Version: N/A

cpe:2.3:a:nintendo:switch_sports:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-47949

Products

Pricing

Contact Us