CVE-2023-42648

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Nov 1, 2023
Updated: Nov 8, 2023
CWE ID 862

Summary

CVE-2023-42648 is a newly identified vulnerability that affects engineering modes. The issue involves a missing permission check, which can lead to local information disclosure without requiring any additional execution privileges. This vulnerability can potentially expose sensitive information to unauthorized users within the same system, posing a significant risk to security. It is recommended that affected organizations apply the necessary patches to mitigate this issue promptly. Failure to address this vulnerability could result in potential data breaches or unintended system alterations.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share