CVE-2022-35218

Summary

The NHI card’s web service component has a heap-based buffer overflow vulnerability due to insufficient validation for packet origin parameter length. A LAN attacker with general user privilege can exploit this vulnerability to disrupt service.

Affected Software

VendorProductVersion RangeStatus
NHIcard’s web service componentdae0509e5aabde2f110ce8418af67cf7affected

Weaknesses

  • CWE-787: CWE-787 Out-of-bounds Write

ADP Enrichment

CVE Program Container

Additional References

References