cbcvebase.
CVE-2023-33218
published 2023-12-15

CVE-2023-33218: The Parameter Zone Read and Parameter Zone Write command handlers allow performing a Stack buffer overflow. This could potentially lead to a Remote Code…

PriorityP260critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.14%
62.5th percentile
The Parameter Zone Read and Parameter Zone Write command handlers allow performing a Stack buffer overflow. This could potentially lead to a Remote Code execution on the targeted device.

Affected

14 ranges
VendorProductVersion rangeFixed in
idemiamorphowave_compact_firmware< 2.12.22.12.2
idemiamorphowave_compact_xp< 2.12.22.12.2
idemiamorphowave_sp< 1.2.71.2.7
idemiamorphowave_sp_firmware< 1.2.71.2.7
idemiamorphowave_xp_firmware< 2.12.22.12.2
idemiasigma_extreme< 4.15.54.15.5
idemiasigma_extreme_firmware< 4.15.54.15.5
idemiasigma_lite_+_firmware< 4.15.54.15.5
idemiasigma_lite_firmware< 4.15.54.15.5
idemiasigma_lite_lite< 4.15.54.15.5
idemiasigma_wide< 4.15.54.15.5
idemiasigma_wide_firmware< 4.15.54.15.5
idemiavisionpass< 2.12.22.12.2
idemiavisionpass_firmware< 2.12.22.12.2
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.