CVE-2023-21508
published 2023-05-04CVE-2023-21508: Out-of-bounds Write vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA command in bc_tui trustlet from Samsung Blockchain Keystore prior to version…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
Out-of-bounds Write vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| samsung | samsung_blockchain_keystore | < 1.3.12.1 | 1.3.12.1 |
| samsung_mobile | samsung_blockchain_keystore | >= unspecified < 1.3.12.1 | 1.3.12.1 |