Lucene search
ZephyrCVE-2023-0779HistoryMay 30, 2023 - 9:15 p.m.
CVE-2023-0779
2023-05-3021:15:08
CWE-476
CWE-20
zephyr
web.nvd.nist.gov
24
cve-2023-0779
information security
invalid pointer
device crash
memory layout
exploitation
nvd
CVSS3
7.7
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H
AI Score
7.5
Confidence
High
EPSS
0.001
Percentile
34.5%
At the most basic level, an invalid pointer can be input that crashes the device, but with more knowledge of the device’s memory layout, further exploitation is possible.
Affected configurations
Node
zephyrprojectzephyrRange≤3.2.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| zephyrproject | zephyr | * | cpe:2.3:o:zephyrproject:zephyr:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "zephyrproject-rtos",
"product": "zephyr",
"versions": [
{
"version": "unspecified",
"lessThan": "v3.3",
"status": "affected",
"versionType": "custom"
},
{
"version": "unspecified",
"lessThanOrEqual": "v2.7.4",
"status": "affected",
"versionType": "custom"
}
]
}
]Related
prion
prion
Design/Logic Flaw
2023-05-30 21:15:00
cvelist
cvelist
CVE-2023-0779 net: shell: Improper input validation
2023-05-30 00:00:00
nvd
nvd
CVE-2023-0779
2023-05-30 21:15:08
CVSS3
7.7
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H
AI Score
7.5
Confidence
High
EPSS
0.001
Percentile
34.5%
Related for CVE-2023-0779