CVE-2023-42675

Summary

CVE-2023-42675 is a vulnerability affecting the imsservice component. It allows an attacker to write permission usage records of an application without proper permission checks in place. This issue does not require any additional execution privileges and could result in local information disclosure. The missing permission check in imsservice opens the door for unauthorized access to sensitive data. Attackers could exploit this vulnerability to gain insights into the application's behavior and potentially escalate their access further. Users are advised to apply patches or updates to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.