CVE-2023-30728

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Sep 6, 2023
Updated: Nov 7, 2023

Summary

CVE-2023-30728 is an intent redirection vulnerability affecting PackageInstallerCHN before version 13.1.03.00. Malicious actors can exploit this issue to gain access to arbitrary files on the affected system. The exploitation of this vulnerability requires user interaction, making it a potential threat in targeted attacks. This issue poses a significant risk, as it allows local attackers to bypass normal access restrictions and potentially gain sensitive information or perform unauthorized actions. Users are strongly encouraged to update their PackageInstallerCHN software to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share