← voltar
CVE-2023-45225

Zavio IP Camera Stack-Based Buffer Overflow

CVSS 9.8 CRITICALEPSS 1.3%CWE-121
Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras  with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overflows. While parsing certain XML elements from incoming network requests, the product does not sufficiently check or validate allocated buffer size. This may lead to remote code execution.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
Zavio · IP Camera B8220Zavio · IP Camera B8520Zavio · IP Camera CB3211Zavio · IP Camera CB3212Zavio · IP Camera CB5220Zavio · IP Camera CB6231Zavio · IP Camera CD321Zavio · IP Camera CF7201Zavio · IP Camera CF7300Zavio · IP Camera CF7500Zavio · IP Camera CF7501

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.cisa.gov/news-events/ics-advisories/icsa-23-304-03