CVE-2023-42799

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Dec 14, 2023

Updated: Dec 20, 2023

CWE ID 120

Summary

CVE-2023-42799 is a buffer overflow vulnerability affecting Moonlight-common-c, a core component of the Moonlight game streaming software. Committing in 2023, the vulnerable code (50c0a51b10ecc5b3415ea78c21d96d679e2288f9) contains unmitigated usage of unsafe C functions and insufficient bounds checking. A malicious game streaming server can exploit this flaw to induce crashes or execute arbitrary code on the client, potentially leading to remote code execution. The issue was resolved in a later commit (02b7742f4d19631024bd766bd2bb76715780004e).

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sr8GP_
https://www.cve.org/CVERecord?id=CVE-2023-42799
https://nvd.nist.gov/vuln/detail/CVE-2023-42799

Back to Vulnerability Database

CVE-2023-42799

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations