CVE-2023-21652

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Aug 8, 2023

Updated: Apr 12, 2024

CWE ID 320

CWE ID 798

Summary

CVE-2023-21652 is a newly disclosed cryptographic vulnerability affecting HLOS. The issue arises when derived keys, utilized for encryption and decryption processes, are inadvertently left on the stack after usage. This oversight potentially exposes sensitive data to unauthorized access, as an attacker could recover these keys and exploit them for malicious purposes. Organizations using HLOS are advised to apply patches promptly to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sQDJFh
https://www.cve.org/CVERecord?id=CVE-2023-21652
https://nvd.nist.gov/vuln/detail/CVE-2023-21652

Back to Vulnerability Database

CVE-2023-21652

CVSS 3.1 Score 7.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations