CVE-2023-39070

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Sep 11, 2023

Updated: Sep 15, 2023

CWE ID 416

Summary

CVE-2023-39070 is a vulnerability affecting Cppcheck version 2.12. This issue permits a local attacker to execute arbitrary code by manipulating the removeContradiction parameter in the token.cpp file at line 1934. The flaw arises from an insufficient validation check, allowing malicious input to bypass intended restrictions. Attackers can leverage this vulnerability to run unauthorized commands with the privileges of the affected system. System administrators are urged to update to the latest version of Cppcheck to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sG8KyI
https://www.cve.org/CVERecord?id=CVE-2023-39070
https://nvd.nist.gov/vuln/detail/CVE-2023-39070

Back to Vulnerability Database

CVE-2023-39070

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations