CVE-2023-36381
CVSS 3.1 Score 8.8 of 10 (high)
Details
Published Dec 28, 2023
Updated: Jan 4, 2024
CWE ID 502
Summary
CVE-2023-36381 is a Deserialization of Untrusted Data vulnerability impacting Gesundheit Bewegt GmbH's Zippy software. This weakness, which affects versions from n/a to 1.6.5, can allow an attacker to execute arbitrary code by supplying malicious data to be deserialzed. Successful exploitation could result in unauthorized system access or data theft. Users are strongly advised to update to the latest version of Zippy to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share