CVE-2023-4265

CVSS 3.1 Score 9.6 of 10 (high)

Details

Published: Aug 12, 2023
Updated: Jan 12, 2024
CWE ID 22

Summary

CVE-2023-4265 is a newly disclosed vulnerability affecting the Zephyr Real-Time Operating System (RTOS). The issue lies in the USB drivers, specifically in the files usb_dc_native_posix.c and function_rndis.c, which contain potential buffer overflows. An attacker who exploits them could cause unintended system behavior or even take over the system completely. The affected code is at line 359 of usb_dc_native_posix.c and line 841 of function_rndis.c. Users of Zephyr RTOS are advised to update their systems as soon as possible to mitigate this risk.


Affected Products

  • Progress Ws Ftp Server

Affected Vendors

  • Progress Publishers