Throughtek Kalay_platform
4 CVEs affecting Throughtek Kalay_platform. Latest disclosed: 2024-05-15. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-6324 | High | 8.1 | 2024-05-15 | ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity |
CVE-2023-6322 | High | 7.2 | 2024-05-15 | A stack-based buffer overflow vulnerability exists in the message parsing functionality of the Roku Indoor Camera SE version 3.0.2.4679 and Wyze Cam v3 version… |
CVE-2023-6321 | High | 7.2 | 2024-05-15 | A command injection vulnerability exists in the IOCTL that manages OTA updates. A specially crafted command can lead to command execution as the root user. An… |
CVE-2023-6323 | Medium | 4.3 | 2024-05-15 | ThroughTek Kalay SDK does not verify the authenticity of received messages, allowing an attacker to impersonate an authoritative server. |