CVE-2023-33092

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Dec 5, 2023

Updated: Apr 12, 2024

CWE ID 119

CWE ID 120

Summary

CVE-2023-33092 is a memory corruption vulnerability affecting Bluetooth functionality. The issue arises when the system processes an unexpectedly large pin code received from the Application Protocol (APP) layer. This vulnerability can potentially be exploited by an attacker to execute arbitrary code or cause a denial of service condition. Successful exploitation requires the attacker to intercept and manipulate pin codes during Bluetooth authentication. Organizations and individuals using Bluetooth technology are advised to apply the relevant patches as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/trbEq4
https://www.cve.org/CVERecord?id=CVE-2023-33092
https://nvd.nist.gov/vuln/detail/CVE-2023-33092

Back to Vulnerability Database

CVE-2023-33092

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations