CVE-2023-33114

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jan 2, 2024

Updated: Apr 12, 2024

CWE ID 416

Summary

CVE-2023-33114 is a newly disclosed cybersecurity vulnerability that affects the NPU (Network Processing Unit) component. This issue arises when the system processes NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands simultaneously. The result is a memory corruption, which could potentially be exploited by an attacker to execute arbitrary code or cause a denial-of-service condition. This vulnerability poses a serious risk for organizations that utilize the affected NPU component and have not yet applied the necessary patches. It is recommended that affected parties prioritize updating their systems to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database