CVE-2022-32961

Name of the Vulnerable Software and Affected Versions HICOS (affected versions not specified)

Description The client-side citizen digital certificate component of HICOS has a stack-based buffer overflow issue when reading an IC card, due to insufficient validation of token information parameter length. This can be exploited by an unauthenticated physical attacker to execute arbitrary code, manipulate system data, or terminate the service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.