CVE-2022-35219

Summary

The NHI card’s web service component has a stack-based buffer overflow vulnerability due to insufficient validation for network packet key parameter. A LAN attacker with general user privilege can exploit this vulnerability to disrupt service.

Affected Software

VendorProductVersion RangeStatus
NHIcard’s web service componentdae0509e5aabde2f110ce8418af67cf7affected

Weaknesses

  • CWE-787: CWE-787 Out-of-bounds Write

ADP Enrichment

CVE Program Container

Additional References

References