Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220,
CB6231, B8520, B8220, and CD321
IP Cameras with firmware version M2.1.6.05 are
vulnerable to multiple instances of stack-based overflows. While parsing
certain XML elements from incoming network requests, the product does
not sufficiently check or validate allocated buffer size. This may lead
to remote code execution.
References
Link | Resource |
---|---|
https://www.cisa.gov/news-events/ics-advisories/icsa-23-304-03 | Third Party Advisory US Government Resource |
https://www.cisa.gov/news-events/ics-advisories/icsa-23-304-03 | Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
History
21 Nov 2024, 08:26
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.cisa.gov/news-events/ics-advisories/icsa-23-304-03 - Third Party Advisory, US Government Resource |
15 Nov 2023, 22:31
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-787 | |
First Time |
Zavio cb3211 Firmware
Zavio cf7500 Firmware Zavio cb5220 Zavio cb3211 Zavio cf7300 Zavio cb3212 Zavio b8520 Firmware Zavio cd321 Zavio b8220 Firmware Zavio cf7300 Firmware Zavio cf7201 Firmware Zavio cf7501 Firmware Zavio b8520 Zavio cb5220 Firmware Zavio cf7201 Zavio cb6231 Firmware Zavio cf7500 Zavio cf7501 Zavio cb6231 Zavio Zavio cb3212 Firmware Zavio cd321 Firmware Zavio b8220 |
|
References | () https://www.cisa.gov/news-events/ics-advisories/icsa-23-304-03 - Third Party Advisory, US Government Resource | |
CPE | cpe:2.3:h:zavio:cb6231:-:*:*:*:*:*:*:* cpe:2.3:o:zavio:cd321_firmware:m2.1.6.05:*:*:*:*:*:*:* cpe:2.3:o:zavio:cb6231_firmware:m2.1.6.05:*:*:*:*:*:*:* cpe:2.3:h:zavio:cf7300:-:*:*:*:*:*:*:* cpe:2.3:o:zavio:cf7201_firmware:m2.1.6.05:*:*:*:*:*:*:* cpe:2.3:h:zavio:cd321:-:*:*:*:*:*:*:* cpe:2.3:h:zavio:cb3212:-:*:*:*:*:*:*:* cpe:2.3:h:zavio:cf7201:-:*:*:*:*:*:*:* cpe:2.3:h:zavio:cb3211:-:*:*:*:*:*:*:* cpe:2.3:o:zavio:cb3212_firmware:m2.1.6.05:*:*:*:*:*:*:* cpe:2.3:o:zavio:cb3211_firmware:m2.1.6.05:*:*:*:*:*:*:* cpe:2.3:o:zavio:cf7300_firmware:m2.1.6.05:*:*:*:*:*:*:* cpe:2.3:o:zavio:b8520_firmware:m2.1.6.05:*:*:*:*:*:*:* cpe:2.3:o:zavio:b8220_firmware:m2.1.6.05:*:*:*:*:*:*:* cpe:2.3:h:zavio:b8520:-:*:*:*:*:*:*:* cpe:2.3:h:zavio:cf7500:-:*:*:*:*:*:*:* cpe:2.3:o:zavio:cf7501_firmware:m2.1.6.05:*:*:*:*:*:*:* cpe:2.3:h:zavio:cf7501:-:*:*:*:*:*:*:* cpe:2.3:h:zavio:b8220:-:*:*:*:*:*:*:* cpe:2.3:h:zavio:cb5220:-:*:*:*:*:*:*:* cpe:2.3:o:zavio:cb5220_firmware:m2.1.6.05:*:*:*:*:*:*:* cpe:2.3:o:zavio:cf7500_firmware:m2.1.6.05:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
08 Nov 2023, 23:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-11-08 23:15
Updated : 2024-11-21 08:26
NVD link : CVE-2023-45225
Mitre link : CVE-2023-45225
CVE.ORG link : CVE-2023-45225
JSON object : View
Products Affected
zavio
- cf7300_firmware
- cb6231
- cb3212_firmware
- cf7500
- b8220
- b8220_firmware
- cf7501
- cf7300
- cb3212
- cd321_firmware
- cb3211
- cf7500_firmware
- cf7501_firmware
- cd321
- cb6231_firmware
- b8520_firmware
- cf7201
- cb5220
- cf7201_firmware
- cb3211_firmware
- b8520
- cb5220_firmware