CVE-2022-2471
Stack-Based Buffer Overflow Vulnerability in the EZVIZ Motion Detection component
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Stack-based Buffer Overflow vulnerability in the EZVIZ Motion Detection component as used in camera models CS-CV248, CS-C6N-A0-1C2WFR, CS-DB1C-A0-1E2W2FR, CS-C6N-B0-1G2WF, CS-C3W-A0-3H4WFRL allows a remote attacker to execute remote code on the device. This issue affects: EZVIZ CS-CV248 versions prior to 5.2.3 build 220725. EZVIZ CS-C6N-A0-1C2WFR versions prior to 5.3.0 build 220428. EZVIZ CS-DB1C-A0-1E2W2FR versions prior to 5.3.0 build 220802. EZVIZ CS-C6N-B0-1G2WF versions prior to 5.3.0 build 220712. EZVIZ CS-C3W-A0-3H4WFRL versions prior to 5.3.5 build 220723.
Una vulnerabilidad de Desbordamiento del Búfer en la región Stack de la Memoria en el componente de detección de movimiento de EZVIZ usado en los modelos de cámara CS-CV248, CS-C6N-A0-1C2WFR, CS-DB1C-A0-1E2W2FR, CS-C6N-B0-1G2WF, CS-C3W-A0-3H4WFRL permite a un atacante remoto ejecutar código remoto en el dispositivo. Este problema afecta a: EZVIZ CS-CV248 versiones anteriores a 5.2.3 build 220725. EZVIZ CS-C6N-A0-1C2WFR versiones anteriores a 5.3.0 build 220428. EZVIZ CS-DB1C-A0-1E2W2FR versiones anteriores a 5.3.0 build 220802. EZVIZ CS-C6N-B0-1G2WF versiones anteriores a versión 5.3.0 build 220712. EZVIZ CS-C3W-A0-3H4WFRL versiones anteriores a 5.3.5 build 220723
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-07-19 CVE Reserved
- 2022-09-15 CVE Published
- 2024-09-16 CVE Updated
- 2024-12-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-121: Stack-based Buffer Overflow
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://www.bitdefender.com/blog/labs/vulnerabilities-identified-in-ezviz-smart-cams | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ezviz Search vendor "Ezviz" | Cs-c6n-a0-1c2wfr Firmware Search vendor "Ezviz" for product "Cs-c6n-a0-1c2wfr Firmware" | 5.3.0 Search vendor "Ezviz" for product "Cs-c6n-a0-1c2wfr Firmware" and version "5.3.0" | build201719 |
Affected
| in | Ezviz Search vendor "Ezviz" | Cs-c6n-a0-1c2wfr Search vendor "Ezviz" for product "Cs-c6n-a0-1c2wfr" | - | - |
Safe
|
| Ezviz Search vendor "Ezviz" | Cs-db1c-a0-1e2w2fr Firmware Search vendor "Ezviz" for product "Cs-db1c-a0-1e2w2fr Firmware" | 5.3.0 Search vendor "Ezviz" for product "Cs-db1c-a0-1e2w2fr Firmware" and version "5.3.0" | build211208 |
Affected
| in | Ezviz Search vendor "Ezviz" | Cs-db1c-a0-1e2w2fr Search vendor "Ezviz" for product "Cs-db1c-a0-1e2w2fr" | - | - |
Safe
|
| Ezviz Search vendor "Ezviz" | Cs-c6n-b0-1g2wf Firmware Search vendor "Ezviz" for product "Cs-c6n-b0-1g2wf Firmware" | 5.3.0 Search vendor "Ezviz" for product "Cs-c6n-b0-1g2wf Firmware" and version "5.3.0" | build210731 |
Affected
| in | Ezviz Search vendor "Ezviz" | Cs-c6n-b0-1g2wf Search vendor "Ezviz" for product "Cs-c6n-b0-1g2wf" | - | - |
Safe
|
| Ezviz Search vendor "Ezviz" | Cs-c3w-a0-3h4wfrl Firmware Search vendor "Ezviz" for product "Cs-c3w-a0-3h4wfrl Firmware" | 5.3.5 Search vendor "Ezviz" for product "Cs-c3w-a0-3h4wfrl Firmware" and version "5.3.5" | build220120 |
Affected
| in | Ezviz Search vendor "Ezviz" | Cs-c3w-a0-3h4wfrl Search vendor "Ezviz" for product "Cs-c3w-a0-3h4wfrl" | - | - |
Safe
|
| Ezviz Search vendor "Ezviz" | Cs-cv248 Firmware Search vendor "Ezviz" for product "Cs-cv248 Firmware" | 5.2.1 Search vendor "Ezviz" for product "Cs-cv248 Firmware" and version "5.2.1" | build180403 |
Affected
| in | Ezviz Search vendor "Ezviz" | Cs-cv248 Search vendor "Ezviz" for product "Cs-cv248" | - | - |
Safe
|