CVE-2023-41635

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Aug 31, 2023
Updated: Sep 11, 2023
CWE ID 776

Summary

CVE-2023-41635 is a XML External Entity (XXE) vulnerability affecting the VerifichePeriodiche.aspx component of GruppoSCAI RealGimm v1.1.37p38. This issue allows attackers to access and read any file on the system by providing a specially crafted XML file. Successful exploitation could lead to unauthorized information disclosure, potentially resulting in significant security risks. It is crucial for users of this software to apply the necessary patches or updates to mitigate this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share