Описание
HiCOS Citizen verification component has a stack-based buffer overflow vulnerability due to insufficient parameter length validation. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate system command or disrupt service.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:hinet:hicos_natural_person_credential_component_client:3.0.3.30306:*:*:*:*:linux:*:*
cpe:2.3:a:hinet:hicos_natural_person_credential_component_client:3.0.3.30404:*:*:*:*:macos:*:*
cpe:2.3:a:hinet:hicos_natural_person_credential_component_client:3.1.0.00002:*:*:*:*:windows:*:*
EPSS
Процентиль: 21%
0.00069
Низкий
6.8 Medium
CVSS3
Дефекты
CWE-787
CWE-787
Связанные уязвимости
CVSS3: 6.8
github
больше 3 лет назад
HiCOS Citizen verification component has a stack-based buffer overflow vulnerability due to insufficient parameter length validation. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate system command or disrupt service.
EPSS
Процентиль: 21%
0.00069
Низкий
6.8 Medium
CVSS3
Дефекты
CWE-787
CWE-787