CVE-2023-36198

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Aug 25, 2023
Updated: Aug 29, 2023
CWE ID 120

Summary

CVE-2023-36198 is a buffer overflow vulnerability discovered in version 1.9.0 of skalenetwork's sgxwallet. An attacker can exploit this flaw in the trustedBlsSignMessage function to trigger a denial of service. By sending specially crafted input data, the attacker can manipulate the function to write past the intended buffer boundary, potentially causing the application to crash or become unresponsive. This vulnerability poses a significant risk, particularly in environments where the wallet software is used to handle sensitive financial transactions. It is crucial that affected users update their software to a patched version as soon as possible to mitigate this risk.
