11 matches found
CVE-2022-32962
HiCOS’ client-side citizen certificate component has a double free vulnerability. An unauthenticated physical attacker can exploit this vulnerability to corrupt memory and execute arbitrary code, manipulate system data or terminate service...
Double free
HiCOS’ client-side citizen certificate component has a double free vulnerability. An unauthenticated physical attacker can exploit this vulnerability to corrupt memory and execute arbitrary code, manipulate system data or terminate service...
CVE-2022-32962 HiCOS’ client-side citizen digital certificate - Double Free
HiCOS’ client-side citizen certificate component has a double free vulnerability. An unauthenticated physical attacker can exploit this vulnerability to corrupt memory and execute arbitrary code, manipulate system data or terminate service...
Hicos Citizen Certificate Client-side Component 安全漏洞
Hicos Citizen Certificate Client-side Component is a citizen certificate client-side component. A security vulnerability exists in the Hicos Citizen Certificate Client-side Component that stems from insufficient validation of parameter lengths for operating system information, which could be...
Hicos Citizen Certificate Client-side Component 资源管理错误漏洞
Hicos Citizen Certificate Client-side Component is a citizen certificate client-side component. A security vulnerability exists in the Hicos Citizen Certificate Client-side Component, which can be exploited by an unauthenticated attacker to corrupt memory and execute arbitrary code, manipulate...
Hicos Citizen Certificate Client-side Component 缓冲区错误漏洞
Hicos Citizen Certificate Client-side Component is a citizen certificate client-side component. A security vulnerability exists in the Hicos Citizen Certificate Client-side Component that stems from insufficient validation of the length of the parameters of a token message, which can be exploited...
CVE-2022-32960
HiCOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for card number. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate...
CVE-2022-32962
HiCOS’ client-side citizen certificate component has a double free vulnerability. An unauthenticated physical attacker can exploit this vulnerability to corrupt memory and execute arbitrary code, manipulate system data or terminate service...
Command injection
Hicos citizen certificate client-side component does not filter special characters for command parameters in specific web URLs. An unauthenticated remote attacker can exploit this vulnerability to perform command injection attack to execute arbitrary system command, disrupt system or terminate...
CVE-2020-12775
CVE-2020-12775 affects the Hicos Citizen Certificate Client-side Component. The issue is that it does not filter special characters in command parameters within specific web URLs, enabling an unauthenticated remote attacker to perform a command injection and execute arbitrary system commands, pot...
CVE-2020-12775 Hicos citizen certificate client-side component - Command Injection
Hicos citizen certificate client-side component does not filter special characters for command parameters in specific web URLs. An unauthenticated remote attacker can exploit this vulnerability to perform command injection attack to execute arbitrary system command, disrupt system or terminate...