CVE-2023-42531

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Nov 7, 2023
Updated: Mar 12, 2024
CWE ID 287

Summary

CVE-2023-42531 is an access control vulnerability that affects the SmsController in a specific software before the SMR Nov-2023 Release1. This issue permits local attackers to circumvent restrictions and initiate activities from the background, potentially leading to unauthorized access or unintended execution of functions. The vulnerability is due to improper access control mechanisms being in place, posing a security risk to affected systems. To mitigate this issue, it is recommended that users install the latest software release as soon as possible.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share