CVE-2023-38666

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Aug 22, 2023
Updated: Aug 28, 2023

Summary

CVE-2023-38666 is a newly discovered vulnerability affecting Bento4 version 1.6.0-639. The issue lies within the AP4_Processor::ProcessFragments function in mp4encrypt. An attacker can exploit this segmentation violation to gain unauthorized access or cause the software to crash, potentially leading to data loss or system instability. Users are urged to update to the latest version of Bento4 to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share