When reading DesFire keys, the function that reads the card isn't properly checking the boundaries when copying
internally the data received. This allows a heap based buffer overflow that could lead to a potential Remote Code
Execution on the targeted device. This is especially problematic if you use Default DESFire key.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: IDEMIA
Published: 2023-12-15T11:32:48.427Z
Updated: 2024-08-02T15:39:35.729Z
Reserved: 2023-05-18T14:32:49.223Z
Link: CVE-2023-33221
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-12-15T12:15:43.927
Modified: 2023-12-21T19:25:12.393
Link: CVE-2023-33221
Redhat
No data.