CVE-2023-48397

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Published Dec 8, 2023

Updated: Mar 12, 2024

CWE ID 125

Summary

CVE-2023-48397 is a newly disclosed vulnerability affecting an unspecified software component. The issue lies within the Init of protocolcalladapter.cpp file, where a missing bounds check can result in an out-of-bounds read. This vulnerability poses a significant risk, with the potential for remote information disclosure. Notably, exploitation does not require user interaction, making it especially dangerous as system execution privileges are needed to take advantage of this flaw.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tcDwrV
https://www.cve.org/CVERecord?id=CVE-2023-48397
https://nvd.nist.gov/vuln/detail/CVE-2023-48397

Back to Vulnerability Database

CVE-2023-48397

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations