CVE-2023-39540

CVSS 3.1 Score 5.9 of 10 (medium)

Details

Published Feb 20, 2024
CWE ID 126

Summary

CVE-2023-39540 is a denial-of-service vulnerability in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A maliciously crafted network packet can trigger an out-of-bounds read, which can cause the affected system to crash or become unresponsive. Network administrators are advised to update their uC-TCP-IP installations to a patched version to mitigate this risk.
