6 matches found
CVE-2024-7546
oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...
CVE-2024-7543
oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...
CVE-2024-7544
oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...
CVE-2024-7546 oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability
oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...
CVE-2024-7545
CVE-2024-7545 affects oFono via a heap-based buffer overflow in STK command PDU parsing. The flaw arises from insufficient validation of user-supplied data length, enabling a local attacker to execute code with the service account context after gaining code execution on the target modem. Evidence...
CVE-2024-7543
CVE-2024-7543 affects oFono with a heap-based buffer overflow in SimToolKit processing of STK command PDUs. The root cause is improper validation of user-supplied data length before copying to a heap buffer, allowing a local attacker to execute code in the service account context. Documents also ...