CVE-2023-43992

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Jan 24, 2024

Updated: Jan 27, 2024

Summary

CVE-2023-43992 is a vulnerability affecting STOCKMAN GROUP mini-app on Line version 13.6.1. This issue permits attackers to exploit a notification system flaw and send malicious notifications. By leveraging this vulnerability, an attacker can potentially gain unauthorized access to the channel access token, allowing them to carry out further malicious activities. This weakness poses a significant risk to users of the affected Line app, and it is essential to apply the necessary patches or updates to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Linecorp

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/syXtdR
https://www.cve.org/CVERecord?id=CVE-2023-43992
https://nvd.nist.gov/vuln/detail/CVE-2023-43992

Back to Vulnerability Database

CVE-2023-43992

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations