CVE-2023-42534

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Nov 7, 2023
Updated: Nov 13, 2023
CWE ID 552

Summary

CVE-2023-42534 is a vulnerability affecting ChooserActivity, an component prior to the Nov-2023 Release 1 of SMR. This issue involves improper input validation, enabling local attackers to gain system-level access and read arbitrary files. The vulnerability poses a significant risk as an unauthorized user can potentially access sensitive information, leading to potential data breaches or system compromise. The vulnerability should be addressed promptly by implementing the Nov-2023 Release 1 or applying a patch provided by the vendor to mitigate the risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share