CVE-2023-21273

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 14, 2023
Updated: Aug 18, 2023
CWE ID 787

Summary

CVE-2023-21273 is a newly identified vulnerability affecting SDP_AddAttribute function in sdp_db.cc. The issue stems from an incorrect bounds check, which creates an opportunity for a possible out-of-bounds write. This vulnerability could allow for remote (proximal or adjacent) code execution without the requirement for additional execution privileges. No user interaction is needed for an attacker to exploit this weakness.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share