CVE-2022-3349

CVSS v3.1

6.8

Medium

Vector

AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Sony PS4 and PS5 (affected versions not specified)

Description A critical issue affects the exFAT Handler component, specifically the UVFAT readupcasetable function. The manipulation of the dataLength argument leads to a heap-based buffer overflow. This issue can be exploited by launching an attack on the physical device.

Recommendations Upgrade the affected exFAT Handler component to a newer version. As a temporary workaround, consider restricting access to the UVFAT readupcasetable function until a patch is available. Avoid manipulating the dataLength argument in the affected component until the issue is resolved.

Exploit

Fix

Memory Corruption

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-119

Related Identifiers

CVE-2022-3349

Affected Products

Ps4

Ps5

CVE-2022-3349

Weakness Enumeration

Related Identifiers

Affected Products

References · 4