CVE-2023-42529
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Nov 7, 2023
Updated: Nov 13, 2023
CWE ID 787
Summary
CVE-2023-42529 is an out-of-bound write vulnerability affecting libsec-ril before the SMR Nov-2023 Release 1. This issue permits local attackers to exploit the flaw and execute arbitrary code. The vulnerability occurs due to insufficient bounds checking during data writing in the library, leading to potential memory corruption. Successful exploitation could result in system compromise and unauthorized access to sensitive information or functionality. Users are urged to apply the SMR Nov-2023 Release 1 patch as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Samsung Android
Affected Vendors
- Samsung