CVE-2023-43505

CVSS 3.1 Score 6.5 of 10 (medium)

Attack Complexity low
Confidentiality high
Privileges Required low
Integrity none
Availability none
Scope unchanged

Details

Published Nov 14, 2023
Updated: Nov 18, 2023
CWE ID 284

Summary

CVE-2023-43505 is a newly disclosed vulnerability affecting COMOS (all versions). This issue stems from insufficient access controls in SMB shares, which can be exploited by attackers to gain unauthorized access to files. Unauthorized access to sensitive information could lead to data breaches and potential business disruptions. Users are advised to update their COMOS installation as soon as possible to mitigate this risk. Failure to address this vulnerability could leave systems vulnerable to unauthorized access and potential data breaches.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share