admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-07 05:28:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-39xx/CVE-2023-3943.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

64 lines
2.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2023-3943",
"sourceIdentifier": "vulnerability@kaspersky.com",
"published": "2024-05-21T14:15:11.557",
"lastModified": "2024-11-21T08:18:22.410",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based Buffer Overflow vulnerability in ZkTeco-based OEM devices allows, in some cases, the execution of arbitrary code. Due to the lack of protection mechanisms such as stack canaries and PIE, it is possible to successfully execute code even under restrictive conditions.\n\nThis issue affects \nZkTeco-based OEM devices (ZkTeco ProFace X, Smartec ST-FR043, Smartec ST-FR041ME and possibly others)\n\n with firmware \nZAM170-NF-1.8.25-7354-Ver1.0.0 and possibly others."
},
{
"lang": "es",
"value": " La vulnerabilidad de desbordamiento del b\u00fafer basado en pila en dispositivos OEM basados en ZkTeco permite, en algunos casos, la ejecuci\u00f3n de c\u00f3digo arbitrario. Debido a la falta de mecanismos de protecci\u00f3n como stack canaries y PIE, es posible ejecutar c\u00f3digo con \u00e9xito incluso en condiciones restrictivas. Este problema afecta a dispositivos OEM basados en ZkTeco (ZkTeco ProFace X, Smartec ST-FR043, Smartec ST-FR041ME y posiblemente otros) con firmware ZAM170-NF-1.8.25-7354-Ver1.0.0 y posiblemente otros."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "vulnerability@kaspersky.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "vulnerability@kaspersky.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://github.com/klsecservices/Advisories/blob/master/K-ZkTeco-2023-006.md",
"source": "vulnerability@kaspersky.com"
},
{
"url": "https://github.com/klsecservices/Advisories/blob/master/K-ZkTeco-2023-006.md",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}
Reference in New Issue View Git Blame Copy Permalink