2023-12-15 11:32:48
IDEMIA
PUBLISHED
When reading DesFire keys, the function that reads the card isnt properly checking the boundaries when copying internally the data received. This allows a heap based buffer overflow that could lead to a potential Remote Code Execution on the targeted device. This is especially problematic if you use Default DESFire key.