CVE-2023-21379

CVSS 3.1 Score 4.4 of 10 (medium)

Details

Published Oct 30, 2023
Updated: Nov 3, 2023
CWE ID 125

Summary

CVE-2023-21379 is a vulnerability in Bluetooth that could potentially lead to local information disclosure in the Bluetooth server. The vulnerability results from a missing bounds check, allowing for an out-of-bounds read. Exploitation does not require user interaction, but system execution privileges are needed. This vulnerability affects various products, including tzDcWF, bQe5zt, YLUeDN, QtrBOA, QtrBOB, QtrBOC, and others. To remediate the vulnerability, it is recommended to apply security patches or updates provided by the affected product vendors. The potential danger posed to organizations is high as it could result in the disclosure of sensitive information without user interaction.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-21379 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options