exploitDog

CVE-2023-4424

Опубликовано: 21 нояб. 2023

Источник: nvd

CVSS3: 8.3

CVSS3: 8.8

EPSS Низкий

Описание

An malicious BLE device can cause buffer overflow by sending malformed advertising packet BLE device using Zephyr OS, leading to DoS or potential RCE on the victim BLE device.

Ссылки

https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j4qm-xgpf-qjw3
Third Party Advisory
https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j4qm-xgpf-qjw3
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:zephyrproject:zephyr:*:*:*:*:*:*:*:*

Версия до 3.4.0 (включая)

EPSS

Процентиль: 34%

0.00135

Низкий

8.3 High

CVSS3

8.8 High

CVSS3

Дефекты

CWE-190

CWE-120

EPSS

Процентиль: 34%

0.00135

Низкий

8.3 High

CVSS3

8.8 High

CVSS3

Дефекты

CWE-190

CWE-120