CVE-2023-34823

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jun 14, 2023
Updated: Jan 3, 2025
CWE ID 787

Summary

CVE-2023-34823 is a vulnerability affecting the fdkaac library before version 1.0.5. The issue is a stack overflow weakness in the read_callback function in src/main.c. An attacker could potentially exploit this flaw by sending malicious input to the affected system, leading to a denial-of-service condition or even arbitrary code execution if the stack buffer is overwritten. The vulnerability poses a significant risk to systems that use the fdkaac library and have not been updated to the latest patch release.
