CVE-2023-45591
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A CWE-122 “Heap-based Buffer Overflow” vulnerability in the “logger_generic” function of the “Ax_rtu” binary allows a remote authenticated attacker to trigger a memory corruption in the context of the binary. This may result in a Denial-of-Service (DoS) condition, possibly in the execution of arbitrary code with the same privileges of the process (root), or have other unspecified impacts on the device. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2.
Una vulnerabilidad CWE-122 de “desbordamiento de búfer de almacenamiento dinámico” en la función “logger_generic” del binario “Ax_rtu” permite que un atacante remoto autenticado desencadene una corrupción de memoria en el contexto del binario. Esto puede resultar en una condición de Denegación de Servicio (DoS), posiblemente en la ejecución de código arbitrario con los mismos privilegios del proceso (raíz), o tener otros impactos no especificados en el dispositivo. Este problema afecta: Paquete AiLux imx6 inferior a la versión imx6_1.0.7-2.
CVSS Scores
SSVC
- Decision:Track*
Timeline
- 2023-10-09 CVE Reserved
- 2024-03-05 CVE Published
- 2024-03-06 EPSS Updated
- 2024-08-23 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-122: Heap-based Buffer Overflow
CAPEC
- CAPEC-92: Forced Integer Overflow
References (1)
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| AiLux Search vendor "AiLux" | Imx6 Bundle Search vendor "AiLux" for product "Imx6 Bundle" | < 1.0.7-2 Search vendor "AiLux" for product "Imx6 Bundle" and version " < 1.0.7-2" | en |
Affected
| ||||||