CVE-2023-33074
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Nov 7, 2023
Updated: Apr 12, 2024
CWE ID 787
CWE ID 416
Summary
CVE-2023-33074 is a newly disclosed memory corruption vulnerability. It impacts the Audio subsystem when a Stop Streaming Request (SSR) event is triggered immediately after music playback has been stopped. An attacker who successfully exploits this vulnerability could potentially gain control over an affected system by injecting malicious code into the memory. This could lead to unauthorized access, data theft, or even system takeover. Users are advised to apply the available patch as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share