The flaw exists in the GetUserPasswd function in BwPAlarm.dll due to improper validation of user-supplied data before copying the data to a fixed size stack-based buffer when processing an IOCTL 70603 RPC message.
CVE Link
Exploit Type - Old
Exploits/Remote
Exploit Platform
Product Name