CVE-2021-33390
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Aug 22, 2023
Updated: Aug 24, 2023
CWE ID 416
Summary
CVE-2021-33390 is a use-after-free vulnerability affecting the dpic 2021.04.10 software. Specifically, the deletestringbox() function in dpic.y contains this issue, which can lead to memory being accessed after it has been freed. This vulnerability is distinct from CVE-2021-32421 and poses a significant risk if exploited. Successful exploitation may result in arbitrary code execution or denial-of-service conditions. Users are advised to update their dpic software as soon as possible to mitigate this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share