CVE-2023-40998

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Aug 28, 2023
Updated: Dec 14, 2023
CWE ID 120

Summary

CVE-2023-40998 is a buffer overflow vulnerability affecting version 4.9.0 of the O-RAN Software Community's ric-plt-lib-rmr. A remote attacker can exploit this flaw by manipulating the packet size component, leading to a denial of service. The vulnerability arises due to insufficient bounds checking in the software's handling of large input data. Successful exploitation results in the overwriting of memory, causing the application to crash or malfunction, potentially disrupting network operations.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share