CVE-2023-50671

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jan 11, 2024

Updated: Jan 18, 2024

CWE ID 787

Summary

CVE-2023-50671 is a newly disclosed vulnerability affecting exiftags version 1.01. The issue lies within the nikon.c file, specifically in the 'nikon_prop1' function. A heap-based buffer overflow occurs due to an unexpected write operation of size 28 in the 'snprintf' function. This vulnerability could potentially be exploited by an attacker to execute arbitrary code on an affected system. Successful exploitation may lead to unauthorized access, data theft, or system crashes. Users of exiftags 1.01 are advised to update to the latest version or apply relevant patches to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tw7pMc
https://www.cve.org/CVERecord?id=CVE-2023-50671
https://nvd.nist.gov/vuln/detail/CVE-2023-50671

Back to Vulnerability Database

CVE-2023-50671

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations