Lucene search

ASRCVELIST:CVE-2023-49701

HistoryNov 30, 2023 - 7:15 a.m.

CVE-2023-49701 Out-of-bounds access a buffer in SIM management

2023-11-3007:15:14

CWE-119

ASR

www.cve.org

cve-2023-49701

buffer access

sim management

memory corruption

usimphase2init

7.2 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:H

9.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.3%

JSON

Memory Corruption in SIM management while USIMPhase2init

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Linux"
    ],
    "product": "Falcon",
    "vendor": "ASR",
    "versions": [
      {
        "lessThan": "CP01.057.063",
        "status": "unaffected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

References

www.asrmicro.com/en/goods/psirt?cid=31

7.2 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:H

9.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.3%

JSON

Related for CVELIST:CVE-2023-49701