CVE-2023-30696
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Aug 10, 2023
Updated: Nov 7, 2023
CWE ID 787
Summary
CVE-2023-30696 is a newly identified vulnerability affecting the IpcTxGetVerifyAkey function in libsec-ril before the SMR Aug-2023 Release 1. This issue involves improper input validation, enabling attackers to execute out-of-bounds writes. Successful exploitation could lead to memory corruption and potential code execution, posing a significant risk to affected systems. Users are strongly encouraged to update to the latest release to mitigate this vulnerability and protect against potential attacks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Samsung Android
Affected Vendors
- Samsung