Vulnerability Description
A CWE-122 “Heap-based Buffer Overflow” vulnerability in the “logger_generic” function of the “Ax_rtu” binary allows a remote authenticated attacker to trigger a memory corruption in the context of the binary. This may result in a Denial-of-Service (DoS) condition, possibly in the execution of arbitrary code with the same privileges of the process (root), or have other unspecified impacts on the device. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ailux | Imx6 | < 1.0.7-2 |
Related Weaknesses (CWE)
References
- https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-45591Third Party Advisory
- https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-45591Third Party Advisory
FAQ
What is CVE-2023-45591?
CVE-2023-45591 is a vulnerability with a CVSS score of 7.5 (HIGH). A CWE-122 “Heap-based Buffer Overflow” vulnerability in the “logger_generic” function of the “Ax_rtu” binary allows a remote authenticated attacker to trigger a memory corruption in the context of the...
How severe is CVE-2023-45591?
CVE-2023-45591 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-45591?
Check the references section above for vendor advisories and patch information. Affected products include: Ailux Imx6.