Products
ThroughTek Kalay SDK
Source
cve-requests@bitdefender.com
Tags
CVE-2023-6323 details
Published : May 15, 2024, 1:15 p.m.
Last Modified : May 15, 2024, 4:40 p.m.
Last Modified : May 15, 2024, 4:40 p.m.
Description
ThroughTek Kalay SDK does not verify the authenticity of received messages, allowing an attacker to impersonate an authoritative server.
CVSS Score
1 | 2 | 3 | 4.3 | 5 | 6 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|
CVSS Data
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
Base Score
4.3
Exploitability Score
Impact Score
Base Severity
MEDIUM
Vector String : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
References
URL | Source |
---|---|
https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/ | cve-requests@bitdefender.com |
This website uses the NVD API, but is not approved or certified by it.