CVE-2023-40551

CVSS 3.1 Score 5.1 of 10 (medium)

Details

Published Jan 29, 2024
Updated: Jun 10, 2024
CWE ID 125

Summary

CVE-2023-40551 is a newly identified vulnerability in how Shim handles the MZ binary format. It permits an out-of-bounds read, which can result in a system crash or, more seriously, the exposure of sensitive data during the boot process. Attackers who manage to manipulate the affected binary files can exploit it. Users should apply the available patch or mitigations to protect affected systems.

Affected Products

  • Red Hat Enterprise Linux
  • Fedora Operating System

Affected Vendors

  • Red Hat
  • Fedora Project