CVE-2023-45842

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Dec 5, 2023

Updated: Dec 12, 2023

CWE ID 494

Summary

CVE-2023-45842: A data integrity issue was discovered in Buildroot 2023.08.1 and commit 622298d7847, affecting the `mxsldr` package. This vulnerability allows a man-in-the-middle attacker to compromise the package hash checking functionality, potentially resulting in arbitrary command execution during the building process. Multiple data integrity vulnerabilities have been identified, posing a significant risk to users of these affected Buildroot versions.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/s_wbFY
https://www.cve.org/CVERecord?id=CVE-2023-45842
https://nvd.nist.gov/vuln/detail/CVE-2023-45842

Back to Vulnerability Database

CVE-2023-45842

CVSS 3.1 Score 8.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations