Throughtek Kalay Platform — known CVE vulnerabilities
Every CVE whose affected-product data names Throughtek Kalay Platform, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2023-6324 — CVSS 8.1 (high): ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity
CVE-2023-6321 — CVSS 7.2 (high): A command injection vulnerability exists in the IOCTL that manages OTA updates. A specially crafted command can lead to command execution…
CVE-2023-6322 — CVSS 7.2 (high): A stack-based buffer overflow vulnerability exists in the message parsing functionality of the Roku Indoor Camera SE version 3.0.2.4679 and…
CVE-2023-6323 — CVSS 4.3 (medium): ThroughTek Kalay SDK does not verify the authenticity of received messages, allowing an attacker to impersonate an authoritative server.