CVE-2022-35222
6.8
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
HiCOS Citizen verification component has a stack-based buffer overflow vulnerability due to insufficient parameter length validation. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate system command or disrupt service.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| HINET | HiCOS Citizen verification component - Stack Buffer Overflow | libHicos_p11v1.so CHT PKCS#11 3.0.3.30306 | affected |
| HINET | HiCOS Citizen verification component - Stack Buffer Overflow | HiCOSPKCS11.dll CHT PKCS#11 3.1.0.00002 | affected |
| HINET | HiCOS Citizen verification component - Stack Buffer Overflow | libHicos_p11v1.dylib CHT PKCS#11 3.0.3.30404 | affected |
Weaknesses
- CWE-787: CWE-787 Out-of-bounds Write
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.