CVE-2023-33036

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jan 2, 2024

Updated: Apr 12, 2024

CWE ID 476

Summary

CVE-2023-33036 is a newly discovered vulnerability that affects hypervisors when untrusted virtual machines without PSCI (Platform Services Controller Interface) support make PSCI calls. This issue results in a permanent Denial of Service (DoS) condition, as the hypervisor becomes unresponsive and unable to recover. Attackers could exploit this vulnerability by launching untrusted virtual machines to cause a DoS condition on the hypervisor, potentially disrupting critical systems and services. Organizations are urged to apply patches or mitigations as soon as they become available to protect against this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database