CVE-2023-28129

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 10, 2023
Updated: Oct 18, 2023

Summary

CVE-2023-28129 is a vulnerability affecting DSM 2022.2 and earlier versions. This issue grants local low privileged accounts the ability to execute arbitrary OS commands as the DSM software installation user, posing a significant security risk. Exploitation of this vulnerability could result in unauthorized system access and potential data breaches. It is recommended that users upgrade to a patched version of DSM to mitigate this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share