CVE-2022-32962

Summary

HiCOS’ client-side citizen certificate component has a double free vulnerability. An unauthenticated physical attacker can exploit this vulnerability to corrupt memory and execute arbitrary code, manipulate system data or terminate service.

Affected Software

VendorProductVersion RangeStatus
HINETHiCOS’ client-side citizen digital certificateunspecified <= 11 3.0.3.30306affected
HINETHiCOS’ client-side citizen digital certificateunspecified <= 11 3.1.0.00002affected
HINETHiCOS’ client-side citizen digital certificateunspecified <= 11 3.0.3.30404affected

Weaknesses

  • CWE-415: CWE-415 Double Free

ADP Enrichment

CVE Program Container

Additional References

References