CVE-2023-30688

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 10, 2023
Updated: Nov 7, 2023
CWE ID 787

Summary

CVE-2023-30688 is a newly identified vulnerability affecting the MakeUiccAuthForOem function in libsec-ril before the SMR Aug-2023 Release 1. This issue allows a local attacker to perform an out-of-bounds write, which can be exploited to execute arbitrary code on the system. This vulnerability poses a significant risk to security, as it can be exploited to gain unauthorized access and potentially take control of the affected device. It is recommended that users install the latest updates to mitigate this risk and protect against potential attacks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share