CVE-2023-37444

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jan 8, 2024

Updated: Apr 9, 2024

CWE ID 119

Summary

CVE-2023-37444 is a serious vulnerability affecting GTKWave 3.3.115. Multiple out-of-bounds read issues have been identified in the VCD var definition section functionality. A maliciously crafted .vcd file can exploit these vulnerabilities, leading to arbitrary code execution. This risk arises when a user opens a specially designed file, making the GUI's interactive VCD parsing code a potential attack vector.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/r4-9Rg
https://www.cve.org/CVERecord?id=CVE-2023-37444
https://nvd.nist.gov/vuln/detail/CVE-2023-37444

Back to Vulnerability Database

CVE-2023-37444

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations