Secure Elements Class 5 AVR client (aka C5 EVM) prior to 2.8.1 allows remote malicious users to read portions of process memory via a modified size for (1) EM_GET_CE_PARAMETER and (2) EM_SET_CE_PARAMETER messages, which leads to a buffer overflow (probably an over-read).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
secure elements class 5 enterprise vulnerability management 2.8.0 |