CVE-2023-48411

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Dec 8, 2023

Updated: Mar 12, 2024

CWE ID 125

Summary

CVE-2023-48411 is a vulnerability affecting SignalStrengthAdapter's FillGsmSignalStrength function in protocolmiscadapter.cpp. This issue involves a missing bounds check, resulting in a possible out-of-bounds read. The consequences of this vulnerability can lead to local information disclosure, with the potential for further baseband firmware compromise. Importantly, user interaction is not needed for an attacker to exploit this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tcDskY
https://www.cve.org/CVERecord?id=CVE-2023-48411
https://nvd.nist.gov/vuln/detail/CVE-2023-48411

Back to Vulnerability Database

CVE-2023-48411

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations