CVE-2023-4345
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2023-4345 is a recently disclosed vulnerability affecting Broadcom RAID Controller web interfaces. This issue permits a low-privileged user to bypass client-side controls, resulting in unauthorized access to sensitive data. The vulnerability does not require any complex exploitation techniques, making it potentially dangerous for organizations that have not yet applied the necessary patches. Users are urged to update their RAID controllers as soon as possible to mitigate this risk. The exact method of exploitation has not been made public, but it is believed to involve manipulating inputs in the web interface.
Affected Products
- Totolink X6000R Firmware
Affected Vendors
- TOTOLINK