cbcvebase.
CVE-2023-39435
published 2023-11-08

CVE-2023-39435: Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to…

PriorityP263critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.23%
65.1th percentile
Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to stack-based overflows. During the process of updating certain settings sent from incoming network requests, the product does not sufficiently check or validate allocated buffer size. This may lead to remote code execution.

Affected

22 ranges
VendorProductVersion rangeFixed in
zaviob8220_firmware
zaviob8520_firmware
zaviocb3211_firmware
zaviocb3212_firmware
zaviocb5220_firmware
zaviocb6231_firmware
zaviocd321_firmware
zaviocf7201_firmware
zaviocf7300_firmware
zaviocf7500_firmware
zaviocf7501_firmware
zavioip_camera_b8220
zavioip_camera_b8520
zavioip_camera_cb3211
zavioip_camera_cb3212
zavioip_camera_cb5220
zavioip_camera_cb6231
zavioip_camera_cd321
zavioip_camera_cf7201
zavioip_camera_cf7300
zavioip_camera_cf7500
zavioip_camera_cf7501

Detection & IOCsextracted from sources · hover to see the quote

  • Trigger condition: stack-based buffer overflow occurs during processing of settings updates sent via incoming network requests — monitor for anomalously large or malformed network payloads directed at Zavio IP camera management interfaces
  • Affected firmware version M2.1.6.05 on Zavio IP Camera models CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, CD321 — fingerprint devices running this firmware version for prioritized patching/isolation
  • Attack vector is network-based with low privilege required (CVSS PR:L) and no user interaction — monitor for authenticated but low-privilege sessions sending unusually large settings-update requests to camera management interfaces
  • ·Affected products are end-of-life with no vendor firmware fix available; no patch or mitigation from Zavio will be released — only network isolation or device replacement is viable
  • ·No known public exploitation of CVE-2023-39435 has been reported at time of advisory publication — threat intelligence feeds should be monitored for future exploitation activity
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.