CVE-2023-36377

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jul 3, 2023

Updated: Dec 23, 2023

CWE ID 120

Summary

CVE-2023-36377 is a buffer overflow vulnerability affecting mtrojnar osslsigncode version 2.3 and earlier. This issue allows local attackers to execute arbitrary code by providing specially crafted .exe, .sys, and .dll files. The buffer overflow occurs during the processing of these files, leading to unintended memory manipulation and potential code execution. This vulnerability poses a significant risk to systems utilizing the affected software and requires immediate attention and patching to prevent potential exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/r3WazS
https://www.cve.org/CVERecord?id=CVE-2023-36377
https://nvd.nist.gov/vuln/detail/CVE-2023-36377

Back to Vulnerability Database

CVE-2023-36377

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations