CVE-2023-32656 — DEPRECATED: Improper Sanitization of Custom Special Characters in Intel Realsense 450 FA Firmware

CWE-92 — DEPRECATED: Improper Sanitization of Custom Special Characters CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-862 — Missing Authorization4 documents4 sources

Severity

7.8HIGHNVD

CNA5.3

EPSS

0.1%

top 81.86%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Realsense 450 FA Firmware

Timeline

PublishedAug 11

Latest updateApr 22

Description

Improper buffer restrictions in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

▶NVDintel/realsense_450_fa_firmware0.25.0

🔴Vulnerability Details

GHSA

Ant Media Server vulnerable to a local privilege escalation↗2024-04-22

▶

CVEList

CVE-2023-32656: Improper buffer restrictions in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0↗2023-08-11

▶

GHSA

GHSA-jc3f-f7h5-f3wv: Improper buffer restrictions in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0↗2023-08-11

▶