Buffer Access with Incorrect Length Value

CVE-2023-5396

High

7.4/10

Summary

Server receiving a malformed message creates connection for a hostname that may cause a stack overflow resulting in possible remote code execution. See Honeywell Security Notification for recommendations on upgrading and versioning.

Attack Complexity: HIGH
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: HIGH

CWE-805 - Buffer Access with Incorrect Length Value

The software uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer.

References

Advisory Timeline

Published Apr 17, 2024

Buffer Access with Incorrect Length Value

CVE-2023-5396

Summary

CWE-805 - Buffer Access with Incorrect Length Value

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS