CVE-2023-33032

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jan 2, 2024
Updated: Apr 12, 2024
CWE ID 787
CWE ID 190

Summary

CVE-2023-33032 is a memory corruption vulnerability in the TZ Secure OS, which occurs when requesting a memory allocation from the TA region. This vulnerability has a high severity rating with a base score of 7.8 and poses a potential danger to organizations as it can lead to integrity and confidentiality impacts. The vulnerability has an exploitability score of 1.8, indicating that it can be exploited with low-level privileges and no user interaction required. The attack vector is local, and the availability impact is high. The vulnerability has been classified under CWE-787 (Out-of-bounds Write) and CWE-190 (Integer Overflow or Wraparound). No specific remediation steps or information about affected products are provided in the given text.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share