CVE-2023-3959 Information

Description

Zavio CF7500 CF7300 CF7201 CF7501 CB3211 CB3212 CB5220 CB6231 B8520 B8220 and CD321

IP Cameras

with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overflows. While processing XML elements from incoming network requests the product does not sufficiently check or validate allocated buffer size. This may lead to remote code execution.

Reference

https://www.cisa.gov/news-events/ics-advisories/icsa-23-304-03