CVE-2023-0779 — Improper Input Validation in Zephyr
Severity
7.7HIGHNVD
CNA6.7
EPSS
0.3%
top 47.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMay 30
Description
At the most basic level, an invalid pointer can be input that crashes the device, but with more knowledge of the device’s memory layout, further exploitation is possible.
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:HExploitability: 2.2 | Impact: 5.5