CVE-2023-40997

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Aug 28, 2023
Updated: Dec 14, 2023
CWE ID 120

Summary

CVE-2023-40997 is a buffer overflow vulnerability discovered in version 4.9.0 of the ric-plt-lib-rmr library used by the O-RAN Software Community. A remote attacker can exploit this weakness by sending a specially crafted packet, leading to a denial-of-service condition. The flaw arises due to insufficient bounds checking, resulting in excess data being written to a buffer. System administrators are advised to apply the necessary patches to mitigate this risk and prevent potential attacks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share