CVE-2023-36198
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2023-36198 is a buffer overflow vulnerability discovered in version 1.9.0 of skalenetwork's sgxwallet. An attacker can exploit this flaw in the trustedBlsSignMessage function to trigger a denial of service. By sending specially crafted input data, the attacker can manipulate the function to write past the intended buffer boundary, potentially causing the application to crash or become unresponsive. This vulnerability poses a significant risk, particularly in environments where the wallet software is used to handle sensitive financial transactions. It is crucial that affected users update their software to a patched version as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- Skale