CVE-2023-33057

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Feb 6, 2024

Updated: Apr 12, 2024

CWE ID 20

Summary

CVE-2023-33057 is a Transient Denial of Service (DoS) vulnerability affecting the Multi-Mode Call Processor in certain UE policy containers. An attacker can exploit this issue by sending maliciously crafted policy containers, causing the processor to enter an infinite loop and become unresponsive, resulting in a DoS condition. The vulnerability can potentially disrupt network services, leading to operational disruptions and potential financial losses. It is recommended that affected organizations apply the available patches or workarounds to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uaTukI
https://www.cve.org/CVERecord?id=CVE-2023-33057
https://nvd.nist.gov/vuln/detail/CVE-2023-33057

Back to Vulnerability Database

CVE-2023-33057

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations