CVE-2023-33029

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Oct 3, 2023

Updated: Apr 12, 2024

CWE ID 416

Summary

CVE-2023-33029 is a memory corruption vulnerability affecting the DSP Service during a remote call from HLOS to DSP. An attacker who successfully exploits this vulnerability can manipulate the targeted system's memory, potentially leading to arbitrary code execution. This issue poses a significant risk as it can allow unauthorized access or data theft. The vulnerability requires a remote trigger, increasing the attack surface and potential impact on affected systems. Mitigation measures include applying the relevant patches and restricting access to the affected component.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/s25ZT3
https://www.cve.org/CVERecord?id=CVE-2023-33029
https://nvd.nist.gov/vuln/detail/CVE-2023-33029

Back to Vulnerability Database

CVE-2023-33029

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations