CVE-2022-31135 MEDIUM

CVE-2022-31135: Maliciously crafted evidence packet may cause denial of service

Vendor Attorneyonline
Product akashi
Weakness CWE-129
Published July 7, 2022
Last update April 23, 2025

CVSS base score

6.5/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

Akashi is an open source server implementation of the Attorney Online video game based on the Ace Attorney universe. Affected versions of Akashi are subject to a denial of service attack. An attacker can use a specially crafted evidence packet to make an illegal modification, causing a server crash. This can be used to mount a denial-of-service exploit. Users are advised to upgrade. There is no known workaround for this issue.

Key dates

02Disclosure timeline

July 7, 2022 CVE published
April 23, 2025 Record updated