ZkTeco-based OEM devices (ZkTeco ProFace X, Smartec ST-FR043, Smartec ST-FR041ME and possibly others) with the ZAM170-NF-1.8.25-7354-Ver1.0.0 and possibly others
Impact: Some of the described vulnerabilities impose restrictions on input data, for example, data is copied to zero bytes, which makes successful exploitation quite difficult, but not impossible. Due to the lack of protection mechanisms against exploitation: stack canary, PIE, it is possible to successfully execute code even in cases with restrictions.
Access Vector: Remote
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
10.0
CVE-2023-3943
Multiple buffer overflow vulnerabilities were identified in an executable and a library on a device. These vulnerabilities stem from the improper handling of user-controlled data, which is copied to stack buffers without size checks using unsafe functions like strcpy and sprintf. The issues occur across several command handlers and processing functions, allowing for potential overflows when excess data is received. These vulnerabilities can lead to stack buffer overflows and potentially result in arbitrary code execution.
Apply patch from vendor when it will be available for your device.
Vulnerability was discovered by Georgy Kiguradze from Kaspersky.