Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8
CVE-2023-6324
- EPSS 0.59%
- Published 15.05.2024 13:15:26
- Last modified 11.02.2025 21:32:50
ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity
8.8
CVE-2023-6321
- EPSS 0.54%
- Published 15.05.2024 13:15:25
- Last modified 11.02.2025 21:32:39
A command injection vulnerability exists in the IOCTL that manages OTA updates. A specially crafted command can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability.
6.5
CVE-2023-6323
- EPSS 0.23%
- Published 15.05.2024 13:15:25
- Last modified 11.02.2025 21:32:45
ThroughTek Kalay SDK does not verify the authenticity of received messages, allowing an attacker to impersonate an authoritative server.
1