CVE-2023-3953
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2023-3953 is a memory corruption vulnerability identified in GP-Pro EX, which could be exploited by an authenticated user opening a tampered log file. This vulnerability, classified as CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer, could lead to memory corruption, potentially allowing an attacker to execute arbitrary code or cause the system to crash. The impact of this issue is significant as it may result in unauthorized system access or data compromise. Users are advised to apply the available patches or updates to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.