CVE-2023-43540

CVSS 3.1 Score 8.4 of 10 (high)

Details

Published Mar 4, 2024
Updated: Apr 12, 2024
CWE ID 120

Summary

CVE-2023-43540 is a newly disclosed vulnerability that affects the handling of IOCTL FM HCI WRITE requests. The issue results in memory corruption, which can be exploited by malicious actors to execute arbitrary code or cause denial-of-service conditions. This vulnerability poses a significant risk to systems that support the affected functionality, and urgent patches are recommended to mitigate the threat. The memory corruption occurs during the processing of the IOCTL FM HCI WRITE request, potentially allowing an attacker to inject and execute malicious data in the target system's memory.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share