CVE-2023-45591

7.5 HIGH

📋 TL;DR

A heap-based buffer overflow in the logger_generic function of the Ax_rtu binary allows remote authenticated attackers to cause memory corruption, potentially leading to denial-of-service, arbitrary code execution with root privileges, or other impacts. This affects AiLux imx6 bundle versions below imx6_1.0.7-2.

💻 Affected Systems

Products:
  • AiLux imx6 bundle
Versions: Below version imx6_1.0.7-2
Operating Systems: Linux-based systems on imx6 hardware
Default Config Vulnerable: ⚠️ Yes
Notes: Requires remote authenticated access to the Ax_rtu binary; default configurations may expose this service.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution with root privileges, leading to full system compromise.
🟠 Likely Case: Denial-of-service condition disrupting device functionality.
🟢 If Mitigated: Limited impact if patched or isolated, with no exploitation.

🌐 Internet-Facing: HIGH if exposed to untrusted networks, as it allows remote authenticated exploitation.
🏢 Internal Only: MEDIUM if accessible only internally, but still poses risk from insider threats.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires authentication, but heap overflows can be leveraged for code execution with moderate complexity.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: imx6_1.0.7-2 or later

Vendor Advisory: https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-45591

Restart Required: Yes

Instructions:

1. Check current version with provided command.
2. Update to imx6_1.0.7-2 or later via vendor channels.
3. Restart the device to apply changes.

🔧 Temporary Workarounds

Restrict network access

linux

Limit access to the Ax_rtu service to trusted IPs only.

iptables -A INPUT -p tcp --dport <port> -s <trusted_ip> -j ACCEPT
iptables -A INPUT -p tcp --dport <port> -j DROP

Disable or block service

linux

Temporarily disable the Ax_rtu binary if not essential.

systemctl stop ax_rtu
chmod -x /path/to/Ax_rtu

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate affected devices.
  • Monitor logs for unusual activity and enforce least privilege access controls.

🔍 How to Verify

Check if Vulnerable:

Check the installed version of AiLux imx6 bundle; if below imx6_1.0.7-2, it is vulnerable.

Check Version:

cat /etc/ailux-version or check vendor documentation for version command.

Verify Fix Applied:

Confirm version is imx6_1.0.7-2 or higher after update.
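
The version check above, as an added shell example (not vendor or advisory code). It assumes the bundle version string has the form imx6_<major>.<minor>.<patch>-<rev>, as in the fixed release named here. The function names are hypothetical and the version file path is site-specific. Fields are compared numerically, so imx6_1.0.7-10 is correctly treated as newer than imx6_1.0.7-2, which a plain string comparison gets wrong.

```shell
#!/bin/sh
# Added example: classify an AiLux imx6 bundle version against the fixed
# release from the advisory. The string format is an assumption.
FIXED="imx6_1.0.7-2"

# Print the four numeric fields of a version string, space separated.
# Returns 1 if the string does not match the assumed format.
ailux_fields() {
    case "$1" in
        imx6_*) ;;
        *) return 1 ;;
    esac
    v=${1#imx6_}
    printf '%s\n' "$v" | grep -Eq '^[0-9]+\.[0-9]+\.[0-9]+-[0-9]+$' || return 1
    printf '%s\n' "$v" | sed 's/[.-]/ /g'
}

# ailux_status VERSION -> prints "vulnerable", "fixed" or "unknown".
# "unknown" means the string could not be parsed; treat it as unverified,
# not as safe.
ailux_status() {
    have=$(ailux_fields "$1") || { echo unknown; return 0; }
    want=$(ailux_fields "$FIXED")
    # Positional parameters: $1..$4 installed fields, $5..$8 fixed fields.
    set -- $have $want
    for pair in "$1:$5" "$2:$6" "$3:$7" "$4:$8"; do
        a=${pair%%:*}
        b=${pair##*:}
        if [ "$a" -lt "$b" ]; then echo vulnerable; return 0; fi
        if [ "$a" -gt "$b" ]; then echo fixed; return 0; fi
    done
    echo fixed   # all fields equal: exactly the fixed release
}

# Optional: pass the path of the device's version file as the first argument.
if [ -n "${1:-}" ] && [ -r "$1" ]; then
    ailux_status "$(head -n 1 "$1" | tr -d '[:space:]')"
fi
```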

📡 Detection & Monitoring

Log Indicators:

  • Unusual crashes or restarts of Ax_rtu process
  • Authentication logs showing unexpected access attempts

Network Indicators:

  • Suspicious traffic to the Ax_rtu service port
  • Anomalous network patterns from authenticated sources

SIEM Query:

source="syslog" AND process="Ax_rtu" AND (event="segmentation fault" OR event="buffer overflow")
