CVE-2023-33220

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions No specific software or versions are mentioned in the provided descriptions.

Description The issue arises during the retrofit validation process, where the firmware fails to properly check boundaries while copying certain attributes. This oversight allows for a stack-based buffer overflow, potentially leading to Remote Code Execution on the targeted device.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Stack Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-121CWE-787

Related Identifiers

CVE-2023-33220

Affected Products

Morphowave Compact/Xp

Morphowave Sp

Sigma Extreme

Sigma Lite & Lite +

Sigma Wide

Visionpass

Morphowave Compact Firmware

Morphowave Xp Firmware

Sigma Extreme Firmware

Sigma Lite Firmware

Sigma Wide Firmware

Visionpass Firmware

CVE-2023-33220

Weakness Enumeration

Related Identifiers

Affected Products

References · 5