CVE-2023-20798

CVSS 3.1 Score 4.4 of 10 (medium)

Details

Published Aug 7, 2023
Updated: Aug 9, 2023
CWE ID 131
CWE ID 125

Summary

CVE-2023-20798 is a newly disclosed vulnerability affecting the pda software. The issue arises from an incorrect calculation of buffer size, leading to a possible out-of-bounds read. This vulnerability could potentially result in local information disclosure, even with System execution privileges required. Notably, user interaction is not necessary for exploitation. The patch for this issue is identified as ALPS07147572, and the internal issue reference is ALPS07421076.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share