CVE-2023-33668

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jul 12, 2023

Updated: Jul 20, 2023

CWE ID 354

Summary

CVE-2023-33668 is a vulnerability affecting DigiExam versions up to 14.0.2. This issue arises from the absence of integrity checks for native modules in the software, which enables attackers to gain unauthorized access to Personally Identifiable Information (PII) and take over accounts on shared computers. By exploiting this weakness, malicious actors can potentially breach the security of the system and compromise sensitive data, posing a significant risk to organizations and individuals using the affected software.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/r6upLu
https://www.cve.org/CVERecord?id=CVE-2023-33668
https://nvd.nist.gov/vuln/detail/CVE-2023-33668

Back to Vulnerability Database

CVE-2023-33668

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations