CVE-2023-2570

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jun 14, 2023

Updated: Jun 21, 2023

CWE ID 352

Summary

CVE-2023-2570 is a vulnerability affecting the Foxboro.sys driver, where an attacker with local user access can exploit an unpredictable array index during an IOCTL call. This CWE-129 issue leads to potential local denial-of-service and potentially kernel execution. The vulnerability arises from improper validation of array indices, posing a significant risk for targeted systems.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/qAYoLe
https://www.cve.org/CVERecord?id=CVE-2023-2570
https://nvd.nist.gov/vuln/detail/CVE-2023-2570

Back to Vulnerability Database

CVE-2023-2570

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations