CVE Tools
Sign in

CVE-2023-48229

Out-of-bounds write in the radio driver for Contiki-NG nRF platforms

Published: Feb 14, 2024Updated: Jan 6, 2025 Sources: CVE List NVDCWE-787
NVD MITRE
7.0CVSSHIGH
EPSS Score
0.4%
Top 69.7%
CISA KEV
Not in KEV
Exploits
No Known Exploits
Remediation
Patch Available

Description

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds write exists in the driver for IEEE 802.15.4 radios on nRF platforms in the Contiki-NG operating system. The problem is triggered when parsing radio frames in the `read_frame` function in the `arch/cpu/nrf/net/nrf-ieee-driver-arch.c` module. More specifically, the `read_frame` function performs an incomplete validation of the payload length of the packet, which is a value that can be set by an external party that sends radio packets to a Contiki-NG system. Although the value is validated to be in the range of the MTU length, it is not validated to fit into the given buffer into which the packet will be copied. The problem has been patched in the "develop" branch of Contiki-NG and is expected to be included in subsequent releases. Users are advised to update their develop branch or to update to a subsequent release when available. Users unable to upgrade should consider manually applying the changes in PR #2741.

CVSS Vector Breakdown

AV:NAC:HPR:NUI:NS:UC:LI:LA:H
Exploitability
AV:NAttack Vector
Network
AC:HAttack Complexity
High
PR:NPrivileges Required
None
UI:NUser Interaction
None
Scope
S:UScope
Unchanged
Impact
C:LConfidentiality
Low
I:LIntegrity
Low
A:HAvailability
High
Open in CVSS calculator →

Weaknesses

CWE-787

Affected Products

contiki-ngcontiki-ng
Embedded
Operating Systems / rtos-embedded-os
contiki-ngoss-projectOperating Systemsaka contiki-ng., tinydtls

Attack Graph

Products CVE Techniques Tactics

Click technique nodes to view MITRE ATT&CK details. Scroll to zoom, drag to pan.

Exploitability

Official Patch Available

MITRE ATT&CK

2 techniques
Initial Access
Privilege Escalation
View detailed technique mapping

References

https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-rcwv-xwc9-5hp2
github.com
https://github.com/contiki-ng/contiki-ng/pull/2741
github.com

Timeline

Published
Feb 14, 2024
Last Updated
Jan 6, 2025

Unlock Complete Vulnerability Intelligence

Get the full picture for CVE-2023-48229 and every CVE in our database. Create a free account — no credit card required.

Create Free Account
Plain-language analysis
Impact assessment and exploitation scenario in plain English
Attack graph visualization
Interactive attack path and kill chain mapping
Exploit details & PoC links
ExploitDB, Metasploit, GitHub PoCs with direct links
Nuclei scanner templates
Ready-to-use vulnerability scanner templates
Full remediation guide
Patch instructions, workarounds, and compliance impact
Interactive AI chat
Ask questions about this vulnerability in natural language
Related vulnerabilities
Semantically similar CVEs and attack patterns
REST API & MCP access
Integrate vulnerability data into your workflows