An exploitable command execution vulnerability exists in the ASN1 certificate writing functionality of Openweave-core version 4.0.2. A specially crafted weave certificate can trigger a heap-based buffer overflow, resulting in code execution. An attacker can craft a weave certificate to trigger this vulnerability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openweave openweave-core 4.0.2 |