CVE-2023-7152

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 29, 2023

Updated: May 17, 2024

CWE ID 416

Summary

CVE-2023-7152 is a critical vulnerability affecting MicroPython 1.21.0/1.22.0-preview. The issue lies in the function poll_set_add_fd of extmod/modselect.c, resulting in use after free. The exploit for this vulnerability has been disclosed, increasing the risk of attacks. To mitigate this risk, it is strongly advised to apply the patch identified as 8b24aa36ba978eafc6114b6798b47b7bfecdca26. VDB-249158 is the assigned identifier for this security flaw.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/t8ztIZ
https://www.cve.org/CVERecord?id=CVE-2023-7152
https://nvd.nist.gov/vuln/detail/CVE-2023-7152

Back to Vulnerability Database

CVE-2023-7152

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations