CVE-2023-49557

CVSS 3.1 Score 5.5 of 10 (medium)

Attack Complexity low
Availability high
Confidentiality none
Integrity none
Scope unchanged
Privileges Required none

Details

Published Jan 3, 2024
Updated: Jan 9, 2024

Summary

CVE-2023-49557 is a newly identified vulnerability affecting YASM 1.3.0.86.g9def. This issue permits a remote denial of service attack through the yasm_section_bcs_first function located in the libyasm/section.c component. By exploiting this flaw, an attacker can trigger a denial of service condition, causing affected systems to become unresponsive and unavailable to users. The specific cause of the vulnerability remains undisclosed, but it is recommended that users of YASM version 1.3.0.86.g9def upgrade to a patched version as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share