CVE-2023-24938

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Jun 14, 2023

Updated: May 29, 2024

CWE ID 476

Summary

CVE-2023-24938 is a newly disclosed Denial of Service (DoS) vulnerability affecting the Windows CryptoAPI. Hackers can exploit this flaw by sending specially crafted certificates to a target system, leading to a memory corruption issue. This can result in a DoS condition, causing the system to become unresponsive or crash. Microsoft has released a security update to address this vulnerability and advised users to install it promptly to protect against potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/roHK3w
https://www.cve.org/CVERecord?id=CVE-2023-24938
https://nvd.nist.gov/vuln/detail/CVE-2023-24938

Back to Vulnerability Database

CVE-2023-24938

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations