CVE-2023-2906

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 25, 2023
Updated: Sep 15, 2023
CWE ID 787

Summary

CVE-2023-2906 is a vulnerability affecting Wireshark versions 2.0.0 through 4.0.7. An attacker can craft a malicious CP2179 packet, which is not properly validated for length in Wireshark. This issue results in a divide by zero error, leading to a denial of service attack on the Wireshark application. The vulnerability can be exploited by sending specially crafted packets to a target system running Wireshark. The impact of this vulnerability is limited to a denial of service, but it still poses a significant risk to organizations that rely on Wireshark for network analysis and debugging. It is recommended that users upgrade to the latest version of Wireshark to mitigate this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • AutoCAD LT
  • AutoCAD Mechanical
  • AutoCAD MEP
  • AutoCAD
  • AutoCAD Plant 3D

Affected Vendors

  • Autodesk