CVE-2023-21290

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Aug 14, 2023
Updated: Aug 21, 2023
CWE ID 362

Summary

CVE-2023-21290 is a newly identified vulnerability affecting the MmsProvider.java update. The issue involves a race condition that allows for bypassing file permission checks, potentially leading to local denial of service. Notably, no additional execution privileges or user interaction are required for exploitation.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share