CVE-2024-52288 RMAC revert to the beginning of the session in libosdp

libosdp is an implementation of IEC 60839-11-5 OSDP Open Supervised Device Protocol and provides a C library with support for C++, Rust and Python3. In affected versions an unexpected REPLYCCRYPT or REPLYRMACI may be introduced into an active stream when they should not be. Once RMACI message can...

LibOSDP 安全漏洞

LibOSDP is a goToMain open source cross-platform open source implementation of the IEC 60839-11-5 Open Surveillance Device Protocol. Designed to improve interoperability between access control and security products. A security vulnerability exists in versions prior to LibOSDP 3.0.0 that stems fro...

GHSA-XHJW-7VH5-QXQM LibOSDP RMAC revert to the beginning of the session

Issues: - SCS14 is allowed on encrypted connection osdpphy.c - No validation for RMACI is only in response to osdpSCRYPT osdpcp.c - Couldn't find anything specific in the OSDP specifications indicating it is forbidden, I'm gussing it shouldn't be allowed according from the secure connection...

LibOSDP RMAC revert to the beginning of the session

Issues: - SCS14 is allowed on encrypted connection osdpphy.c - No validation for RMACI is only in response to osdpSCRYPT osdpcp.c - Couldn't find anything specific in the OSDP specifications indicating it is forbidden, I'm gussing it shouldn't be allowed according from the secure connection...