CVE-2023-33049

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Feb 6, 2024

Updated: Apr 12, 2024

CWE ID 401

Summary

CVE-2023-33049 is a Transient Denial of Service (DoS) vulnerability affecting the Multi-Mode Call Processor. The issue arises due to a UE (User Equipment) failure, which results in heap leakage. An attacker can exploit this vulnerability by sending maliciously crafted packets to the affected system, leading to a denial of service condition. The exploit does not require user interaction or privileged access, making it potentially hazardous if left unaddressed. System administrators are strongly advised to apply the available patch or update to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uaTukK
https://www.cve.org/CVERecord?id=CVE-2023-33049
https://nvd.nist.gov/vuln/detail/CVE-2023-33049

Back to Vulnerability Database

CVE-2023-33049

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations