TVN ID | TVN-202207006 |
---|---|
CVE ID | CVE-2022-35222 |
CVSS | 6.8 (Medium) CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Affected Products | Linux: libHicos_p11v1.so CHT PKCS#11 3.0.3.30306 Windows: HiCOSPKCS11.dll CHT PKCS#11 3.1.0.00002 macOS: libHicos_p11v1.dylib CHT PKCS#11 3.0.3.30404 |
Description | HiCOS Citizen verification component has a stack-based buffer overflow vulnerability due to insufficient parameter length validation. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate system command or disrupt service. |
Solution | Download the latest version from MOICA內政部憑證管理中心官網(https://moica.nat.gov.tw/rac_plugin.html) |
Credit | how2hack (CCoE) |
Public Date | 2022-07-29 |