CVE-2022-32959

Name of the Vulnerable Software and Affected Versions HiCOS (affected versions not specified)

Description The issue is related to a stack-based buffer overflow vulnerability in the client-side citizen digital certificate component when reading IC card due to insufficient parameter length validation for OS information. This can be exploited by an unauthenticated physical attacker to execute arbitrary code, manipulate system data, or terminate the service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.