Unrated severityNVD Advisory· Published Dec 15, 2023· Updated Aug 2, 2024

Stack buffer overflow when reading DESFire card

CVE-2023-33222

Description

When handling contactless cards, usage of a specific function to get additional information from the card which doesn't check the boundary on the data received while reading. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device

Affected products

Idemia/Morpho Wave Compactcpe-rescue
Range: 0
IDEMIA/MorphoWave SPv5
Range: 0
IDEMIA/SIGMA Extremev5
Range: 0
IDEMIA/SIGMA Lite & Lite +v5
Range: 0
IDEMIA/SIGMA Widev5
Range: 0
Idemia/VisionPasscpe-rescue
Range: 0

Patches

Vulnerability mechanics

References

www.idemia.com/wp-content/uploads/2023/11/Security-Advisory-SA-2023-05-2.pdfmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000