exploitDog

GHSA-wj56-2fcc-f3r3

Опубликовано: 21 июл. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.8

Описание

HICOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for token information. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate system data or terminate service.

HICOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for token information. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate system data or terminate service.

Ссылки

EPSS

Процентиль: 17%

0.00053

Низкий

6.8 Medium

CVSS3

CVE ID

Дефекты

CWE-787

Связанные уязвимости

CVE-2022-32961

CVSS3: 6.8

nvd

больше 3 лет назад

HICOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for token information. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate system data or terminate service.

EPSS

Процентиль: 17%

0.00053

Низкий

6.8 Medium

CVSS3

CVE ID

Дефекты

CWE-787