Contactless Card Vulnerability: Remote Code Execution via Stack-Based Buffer Overflow

Contactless Card Vulnerability: Remote Code Execution via Stack-Based Buffer Overflow

CVE-2023-33222 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

When handling contactless cards, usage of a specific function to get additional information from the card which doesn't check the boundary on the data received while reading. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device

Learn more about our Contact.