CVE-2023-42535

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 7, 2023
Updated: Nov 13, 2023
CWE ID 787

Summary

CVE-2023-42535 is a newly disclosed vulnerability that affects the read_block function in the vold component of certain storage systems before the SMR Nov-2023 Release 1. This out-of-bounds write issue permits a local attacker to inject arbitrary code, potentially leading to serious security consequences such as system compromise or data theft. The vulnerability could be exploited by an attacker with local access to the affected system, making it a significant threat if not addressed promptly. System administrators are advised to apply the latest patch or update to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share