How severe is CVE-2023-6948?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.1 out of 10.

What type of vulnerability is CVE-2023-6948?

This is classified as CWE-120, which is a common weakness in software security.

CVE-2023-6948 - MEDIUM Severity | CVSS 4.1

Vulnerability Description

A Buffer Copy without Checking Size of Input issue affecting the v2_sdk_service running on a set of DJI drone devices on the port 10000 could allow an attacker to cause a crash of the service through a crafted payload triggering a missing input size check in the sdk_printf function implemented in the libv2_sdk.so library used by the dji_vtwo_sdk binary implementing the service, compromising it in a term of availability and producing a denial-of-service attack. Affected models are Mavic 3 Pro until v01.01.0300, Mavic 3 until v01.00.1200, Mavic 3 Classic until v01.00.0500, Mavic 3 Enterprise until v07.01.10.03, Matrice 300 until v57.00.01.00, Matrice M30 until v07.01.0022 and Mini 3 Pro until v01.00.0620.

Related Vulnerabilities

CVE-2023-42757

MEDIUM

CVSS:4.2(Medium)

Process Explorer before 17.04 allows attackers to make it functionally unavailable (a denial of service for analysis) by renaming an executable file to a new extensionless 255-character name and launc...

CWE-1202023

CVE-2024-37816

MEDIUM

CVSS:4.2(Medium)

Quectel EC25-EUX EC25EUXGAR08A05M1G was discovered to contain a stack overflow.

CWE-1202024

CVE-2024-45620

LOW

CVSS:3.9(Low)

A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When b...

CWE-1202024

CVE-2019-20739

MEDIUM

CVSS:4.3(Medium)

NETGEAR R8500 devices before v1.0.2.128 are affected by a buffer overflow by an unauthenticated attacker.

CWE-1202019

CVE-2020-8261

MEDIUM

CVSS:4.3(Medium)

A vulnerability in the Pulse Connect Secure / Pulse Policy Secure < 9.1R9 is vulnerable to arbitrary cookie injection.

CWE-1202020

CVE-2021-33680

MEDIUM

CVSS:4.3(Medium)

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated CGM file received from untrusted sources which causes buffer overflow and causes the application to crash and becoming t...

CWE-1202021