CVE-2023-38650

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jan 8, 2024
Updated: Apr 9, 2024
CWE ID 190

Summary

CVE-2023-38650 is a vulnerability affecting GTKWave 3.3.115 where multiple integer overflow issues exist in the vzt_rd_block_vch_decode function. A maliciously crafted .vzt file can exploit these vulnerabilities, leading to memory corruption. The integer overflow occurs when the variable num_time_ticks is not zero, posing a threat to users who open malicious files.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share