CVE-2023-3463

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jul 19, 2023

Updated: Jul 28, 2023

Summary

CVE-2023-3463 is a memory corruption vulnerability affecting all versions of GE Digital CIMPLICITY that don't follow SDG guidelines and accept documents from untrusted sources. This issue encompasses various types of memory corruption, including out-of-bounds reads and writes, use-after-free, stack-based buffer overflows, uninitialized pointers, and heap-based buffer overflow. Successful exploitation could enable an attacker to execute arbitrary code.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Greenshot

Affected Vendors

Greenshot

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/rzablj
https://www.cve.org/CVERecord?id=CVE-2023-3463
https://nvd.nist.gov/vuln/detail/CVE-2023-3463

Back to Vulnerability Database