CVE-2023-35652

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Oct 11, 2023

Updated: Oct 13, 2023

CWE ID 125

Summary

CVE-2023-35652 is a cyber vulnerability that affects the product SjtmR4. It is categorized as CWE-125, which refers to an out-of-bounds read vulnerability. The vulnerability is found in ProtocolEmergencyCallListIndAdapter::Init of protocolcalladapter.cpp. It can potentially lead to remote information disclosure, but it requires baseband firmware compromise to be exploited. The vulnerability does not require user interaction for exploitation. The severity of this vulnerability is rated as HIGH, with a base score of 7.5 and a confidentiality impact of HIGH.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/s5Jbf2
https://www.cve.org/CVERecord?id=CVE-2023-35652
https://nvd.nist.gov/vuln/detail/CVE-2023-35652

Back to Vulnerability Database

CVE-2023-35652

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations