Secure Elements Class 5 AVR (aka C5 EVM) prior to 2.8.1 do not validate the source address of a message, which allows remote malicious users to (1) execute arbitrary code on a client or (2) forge messages to the server.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
secure elements class 5 enterprise vulnerability management 2.8.0 |