2 matches found
CVE-2023-33222
When handling contactless cards, usage of a specific function to get additional information from the card which doesn't check the boundary on the data received while reading. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device...
CVE-2023-33222
CVE-2023-33222 describes a stack-based buffer overflow when reading DESFire contactless cards due to a function that does not check data boundaries. Affected context is described as a card-reader/readerStack overflow leading to potential Remote Code Execution on the targeted device. Exploitation ...