CVE-2023-33220

Summary

During the retrofit validation process, the firmware doesn't properly check the boundaries while copying some attributes to check. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device

Affected Software

VendorProductVersion RangeStatus
IDEMIASIGMA Lite & Lite +0 < 4.15.5affected
IDEMIASIGMA Wide0 < 4.15.5affected
IDEMIASIGMA Extreme0 < 4.15.5affected
IDEMIAMorphoWave Compact/XP0 < 2.12.2affected
IDEMIAVisionPass0 < 2.12.2affected
IDEMIAMorphoWave SP0 < 1.2.7affected

Weaknesses

  • CWE-121: CWE-121 Stack-based Buffer Overflow

ADP Enrichment

CVE Program Container

Additional References

References