6.8
CVE-2021-31642
- EPSS 30.21%
- Veröffentlicht 01.06.2021 15:15:07
- Zuletzt bearbeitet 21.11.2024 06:06:03
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginA denial of service condition exists after an integer overflow in several IoT devices from CHIYU Technology, including BIOSENSE, Webpass, and BF-630, BF-631, and SEMAC. The vulnerability can be explored by sending an unexpected integer (> 32 bits) on the page parameter that will crash the web portal and making it unavailable until a reboot of the device.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Chiyu-tech ≫ Semac S2 Firmware Version-
Chiyu-tech ≫ Semac D1 Firmware Version-
Chiyu-tech ≫ Semac D2 Firmware Version-
Chiyu-tech ≫ Semac D4 Firmware Version-
Chiyu-tech ≫ Semac S3v3 Firmware Version-
Chiyu-tech ≫ Semac D2 N300 Firmware Version-
Chiyu-tech ≫ Semac S1 Osdp Firmware Version-
Chiyu-tech ≫ Bf-631 Firmware Version-
Chiyu-tech ≫ Bf-630 Firmware Version-
Chiyu-tech ≫ Webpass Firmware Version-
Chiyu-tech ≫ Biosense Firmware Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 30.21% | 0.965 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 6.8 | 8 | 6.9 |
AV:N/AC:L/Au:S/C:N/I:N/A:C
|
CWE-190 Integer Overflow or Wraparound
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.