CVE-2023-48344

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jan 18, 2024

Updated: Jan 19, 2024

CWE ID 125

Summary

CVE-2023-48344 is a newly discovered vulnerability affecting video decoders. The issue arises due to insufficient input validation, resulting in a possible out-of-bounds read. An attacker can exploit this flaw to cause a local denial-of-service (DoS) condition without requiring any additional execution privileges. This vulnerability poses a risk to systems that use the affected video decoder and should be addressed promptly to prevent potential DoS attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/taqYIA
https://www.cve.org/CVERecord?id=CVE-2023-48344
https://nvd.nist.gov/vuln/detail/CVE-2023-48344

Back to Vulnerability Database