CVE-2023-6116 Vulnerability Details

  /     /     /  

CVE-2023-6116 Metadata Quick Info

CVE Published: 26/04/2024 | CVE Updated: 02/08/2024 | CVE Year: 2023
Source: Hanwha_Vision | Vendor: Hanwha Vision Co., Ltd. | Product: XRN-420S
Status : PUBLISHED

CVE-2023-6116 Description

Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the camera. An attacker could inject malicious into http request packets to execute arbitrary code. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer\'s report for details and workarounds.

Metrics

CVSS Version: 3.1 | Base Score: 8.9 HIGH
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:H

l➤ Exploitability Metrics:
    Attack Vector (AV)* NETWORK
    Attack Complexity (AC)* HIGH
    Privileges Required (PR)* NONE
    User Interaction (UI)* NONE
    Scope (S)* CHANGED

l➤ Impact Metrics:
    Confidentiality Impact (C)* LOW
    Integrity Impact (I)* HIGH
    Availability Impact (A)* HIGH

Weakness Enumeration (CWE)

CWE-ID: CWE-121
CWE Name: CWE-121 Stack-based Buffer Overflow
Source: Hanwha Vision Co., Ltd.

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID: CAPEC-100
CAPEC Description: CAPEC-100 Overflow Buffers


Source: NVD (National Vulnerability Database).

Last added CVEs

▸ CVE-2024-9999 ◂
Discovered: 12/11/2024
Status: PUBLISHED
▸ CVE-2024-9997 ◂
Discovered: 29/10/2024
Status: PUBLISHED
▸ CVE-2024-9996 ◂
Discovered: 29/10/2024
Status: PUBLISHED



Tags:
CVE-2023-6116 Vulnerability Details