Description
A stack-based buffer overflow vulnerability exists in the message parsing functionality of the Roku Indoor Camera SE version 3.0.2.4679 and Wyze Cam v3 version 4.36.11.5859. A specially crafted message can lead to stack-based buffer overflow. An attacker can make authenticated requests to trigger this vulnerability.
Published: 2024-05-15
Score: 7.2 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2023-58564 A stack-based buffer overflow vulnerability exists in the message parsing functionality of the Roku Indoor Camera SE version 3.0.2.4679 and Wyze Cam v3 version 4.36.11.5859. A specially crafted message can lead to stack-based buffer overflow. An attacker can make authenticated requests to trigger this vulnerability.
History

Fri, 11 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00299}

 epss

{'score': 0.00288}

Tue, 11 Feb 2025 22:00:00 +0000

Type Values Removed Values Added
First Time appeared Roku
Roku indoor Camera Se
Roku indoor Camera Se Firmware
Throughtek
Throughtek kalay Platform
Wyze
Wyze cam V3
Wyze cam V3 Firmware
Weaknesses CWE-787
CPEs cpe:2.3:a:throughtek:kalay_platform:-:*:*:*:*:*:*:*
cpe:2.3:h:roku:indoor_camera_se:-:*:*:*:*:*:*:*
cpe:2.3:h:wyze:cam_v3:-:*:*:*:*:*:*:*
cpe:2.3:o:roku:indoor_camera_se_firmware:3.0.2.4679:*:*:*:*:*:*:*
cpe:2.3:o:wyze:cam_v3_firmware:4.36.11.5859:*:*:*:*:*:*:*
Vendors & Products Roku
Roku indoor Camera Se
Roku indoor Camera Se Firmware
Throughtek
Throughtek kalay Platform
Wyze
Wyze cam V3
Wyze cam V3 Firmware

Subscriptions

Roku Indoor Camera Se Indoor Camera Se Firmware
Throughtek Kalay Platform
Wyze Cam V3 Cam V3 Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: Bitdefender

Published:

Updated: 2024-08-02T08:28:21.761Z

Reserved: 2023-11-27T14:22:34.488Z

Link: CVE-2023-6322

cve-icon Vulnrichment

Updated: 2024-08-02T08:28:21.761Z

cve-icon NVD

Status : Analyzed

Published: 2024-05-15T13:15:25.543

Modified: 2025-02-11T21:32:42.377

Link: CVE-2023-6322

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses