CVE-2023-35863

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Jul 5, 2023

Updated: Jul 14, 2023

CWE ID 362

Summary

CVE-2023-35863 is a vulnerability affecting MADEFORNET HTTP Debugger versions up to 9.12. The Windows service associated with the software fails to set the seclevel registry key prior to launching the driver. Consequently, an unprivileged application can seize control of the NetFilterSDK wrapper before the service gains exclusive access, potentially leading to security breaches. This issue could allow unauthorized access or modification of network traffic data. The vulnerability poses a significant risk to users running the affected software on their systems.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/r4rEIM
https://www.cve.org/CVERecord?id=CVE-2023-35863
https://nvd.nist.gov/vuln/detail/CVE-2023-35863

Back to Vulnerability Database

CVE-2023-35863

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations