CVE-2023-49700 — MEDIUM (6.7)

Vulnerability Description

Security best practices violations, a string operation in Streamingmedia will write past the end of fixed-size destination buffer if the source buffer is too large.

CVSS Score

6.7

MEDIUM

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality

NONE

Integrity

HIGH

Availability

LOW

Affected Products

Vendor	Product	Versions
Asrmicro	Asr1803 Firmware	cp01.057.063
Asrmicro	Asr1803	-
Asrmicro	Asr1806 Firmware	cp01.057.063
Asrmicro	Asr1806	-

Related Weaknesses (CWE)

CWE-120

References

https://www.asrmicro.com/en/goods/psirt?cid=31Vendor Advisory
https://www.asrmicro.com/en/goods/psirt?cid=31Vendor Advisory

FAQ

What is CVE-2023-49700?

CVE-2023-49700 is a vulnerability with a CVSS score of 6.7 (MEDIUM). Security best practices violations, a string operation in Streamingmedia will write past the end of fixed-size destination buffer if the source buffer is too large.

How severe is CVE-2023-49700?

CVE-2023-49700 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-49700?

Check the references section above for vendor advisories and patch information. Affected products include: Asrmicro Asr1803 Firmware, Asrmicro Asr1803, Asrmicro Asr1806 Firmware, Asrmicro Asr1806.