CVE-2023-33085

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jan 2, 2024
Updated: Apr 12, 2024
CWE ID 120

Summary

CVE-2023-33085 is a memory corruption vulnerability affecting wearable devices while processing data from AON. The issue arises due to insufficient input validation, allowing an attacker to inject malicious data that can corrupt memory. This can potentially lead to unintended device behavior, including crashes and unauthorized access to sensitive information. Successful exploitation of this vulnerability could compromise the confidentiality, integrity, and availability of the affected wearable device. Users are recommended to update their devices as soon as a patch is available to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share