CVE-2023-33222 Information

Description

When handling contactless cards usage of a specific function to get additional information from the card which doesn’t check the boundary on the data received while reading. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device

Reference

https://www.idemia.com/wp-content/uploads/2023/11/Security-Advisory-SA-2023-05-2.pdf