CVE-2023-4693

CVSS 3.1 Score 4.6 of 10 (medium)

Details

Published Oct 25, 2023

Updated: May 22, 2024

CWE ID 125

Summary

CVE-2023-4693 is a newly discovered vulnerability affecting the grub2 NTFS filesystem driver. This issue involves an out-of-bounds read flaw that can be exploited by a physically present attacker. By presenting a specially crafted NTFS file system image, an attacker can read arbitrary memory locations, potentially leaking sensitive data cached in memory or EFI variable values. This vulnerability carries a significant Confidentiality risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Gnu Grub2
Red Hat Enterprise Linux

Affected Vendors

Red Hat

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/shXCUe
https://www.cve.org/CVERecord?id=CVE-2023-4693
https://nvd.nist.gov/vuln/detail/CVE-2023-4693

Back to Vulnerability Database