CVE-2023-33219

Summary

The handler of the retrofit validation command doesn't properly check the boundaries when performing certain validation operations. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device

Affected Software

VendorProductVersion RangeStatus
IDEMIASIGMA Lite & Lite +0 < 4.15.5affected
IDEMIASIGMA Wide0 < 4.15.5affected
IDEMIASIGMA Extreme0 < 4.15.5affected
IDEMIAMorphoWave Compact/XP0 < 2.12.2affected
IDEMIAVisionPass0 < 2.12.2affected
IDEMIAMorphoWave SP0 < 1.2.7affected

Weaknesses

  • CWE-121: CWE-121 Stack-based Buffer Overflow

ADP Enrichment

CVE Program Container

Additional References

References