CVE-2023-48422

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Dec 8, 2023

Updated: Mar 12, 2024

CWE ID 125

Summary

CVE-2023-48422 is a vulnerability affecting the Init of protocolnetadapter.cpp in a specific software component. This issue involves a missing bounds check, leading to a possible out-of-bounds read event. The consequences of this vulnerability are significant as it could result in local information disclosure, meaning sensitive data may be exposed, even without the need for additional execution privileges. Importantly, user interaction is not required for an attacker to exploit this vulnerability, making it a potentially dangerous threat if left unaddressed.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tcDk4D
https://www.cve.org/CVERecord?id=CVE-2023-48422
https://nvd.nist.gov/vuln/detail/CVE-2023-48422

Back to Vulnerability Database

CVE-2023-48422

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations