Double Free Vulnerability in HiCOS' Client-Side Citizen Certificate Component

CVE-2022-32962 · MEDIUM Severity

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

HiCOS’ client-side citizen certificate component has a double free vulnerability. An unauthenticated physical attacker can exploit this vulnerability to corrupt memory and execute arbitrary code, manipulate system data or terminate service.

Learn more about our Physical Security Assessment.