Stack Overflow Vulnerability in OpenSC Smart Card Middleware by OpenSC
CVE-2021-34193

7.5HIGH

Key Information:

Vendor: Opensc Project
Status: Opensc
Vendor: CVE Published:; 22 August 2023

🔔 Create Opensc Project Vulnerability Alert

What is CVE-2021-34193?

The vulnerability in OpenSC smart card middleware prior to version 0.23 allows remote attackers to exploit crafted responses to Application Protocol Data Units (APDUs). This stack overflow can lead to unexpected behavior or potentially allow execution of arbitrary code, which can compromise the security of applications utilizing this middleware. It highlights the importance of diligence in software updates to mitigate such threats.

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27719

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30800

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30112

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 22, 2023
Vulnerability Reserved
Jun 7, 2021

CVE-2021-34193 Data

JSON