CVE-2023-30691

Summary

CVE-2023-30691 is a newly disclosed vulnerability that affects AuthenticationConfig in SMR, prior to the Aug-2023 Release 1. A parcel mismatch in this component allows a local attacker to execute privilege escalation, potentially granting unauthorized access to sensitive information or system functions. This issue could be exploited by an attacker with local access to the affected system, posing a significant risk to organizations that have not yet applied the relevant patch. System administrators are strongly advised to update their AuthenticationConfig component as soon as possible to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.