CVE Published: 20/07/2022 |
CVE Updated: 16/09/2024 |
CVE Year: 2022 Source: twcert |
Vendor: HINET |
Product: HiCOS’ client-side citizen digital certificate Status : PUBLISHED
CVE-2022-32962 Description
HiCOS’ client-side citizen certificate component has a double free vulnerability. An unauthenticated physical attacker can exploit this vulnerability to corrupt memory and execute arbitrary code, manipulate system data or terminate service.
Metrics
CVSS Version: 3.1 |
Base Score: 6.8 MEDIUM Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H