CVE-2023-21671

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 7, 2023

Updated: Apr 12, 2024

CWE ID 20

Summary

CVE-2023-21671 is a memory corruption vulnerability impacting the Core component of Sectools Fuse. This issue arises during the execution of a syscall related to the comparison feature, allowing an attacker to corrupt memory and potentially execute arbitrary code. Successful exploitation could lead to serious security consequences, such as unauthorized access, data theft, or system crashes. It is recommended that users of Sectools Fuse apply the available patch to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tSwtZP
https://www.cve.org/CVERecord?id=CVE-2023-21671
https://nvd.nist.gov/vuln/detail/CVE-2023-21671

Back to Vulnerability Database

CVE-2023-21671

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations