CVE-2023-33863

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jun 7, 2023

Updated: Jan 8, 2025

CWE ID 190

Summary

CVE-2023-33863 is a newly disclosed vulnerability affecting RenderDoc before version 1.27. This issue involves a serialization function named SerialiseValue, which contains a flaw that allows for integer overflow. When the value 0xffffffff is sign-extended, it results in SIZE_MAX, causing a buffer overflow attempt upon adding one to it. This vulnerability could potentially be exploited for arbitrary code execution or memory corruption. Developers are strongly advised to update to the latest RenderDoc version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/riWc5W
https://www.cve.org/CVERecord?id=CVE-2023-33863
https://nvd.nist.gov/vuln/detail/CVE-2023-33863

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners

CVE-2023-33863

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations