CVE-2023-42678

Summary

CVE-2023-42678 is a vulnerability affecting the imsservice component. This issue involves a missing permission check, allowing an app to write usage records without proper authorization. Consequently, an attacker can disclose local information without requiring any additional execution privileges. This vulnerability poses a risk for information leakage, emphasizing the importance of implementing robust access control mechanisms.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.