Lucene search
MitreCVELIST:CVE-2022-30904HistoryFeb 01, 2023 - 12:00 a.m.
CVE-2022-30904
2023-02-0100:00:00
mitre
www.cve.org
2
buffer overflow
bestechnic
bluetooth mesh sdk
provisioning
segn field
CVSS3
8.2
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L
AI Score
9.2
Confidence
High
EPSS
0.001
Percentile
35.4%
In Bestechnic Bluetooth Mesh SDK (BES2300) V1.0, a buffer overflow vulnerability can be triggered during provisioning, because there is no check for the SegN field of the Transaction Start PDU.
Related
nvd
nvd
CVE-2022-30904
2023-02-01 21:15:08
prion
prion
Buffer overflow
2023-02-01 21:15:00
cve
cve
CVE-2022-30904
2023-02-01 21:15:08
CVSS3
8.2
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L
AI Score
9.2
Confidence
High
EPSS
0.001
Percentile
35.4%
Related for CVELIST:CVE-2022-30904