CVE-2023-4265
CVSS 3.1 Score 9.6 of 10 (high)
Details
Summary
CVE-2023-4265 is a newly disclosed vulnerability affecting the Zephyr Real-Time Operating System (RTOS). The issue lies in the USB drivers, specifically in the files usb_dc_native_posix.c and function_rndis.c. These files contain potential buffer overflow vulnerabilities that could be exploited by malicious entities, leading to unintended system behavior or even complete system takeover. The exact locations of the vulnerabilities are at line 359 in the first file and line 841 in the second file. Users of Zephyr RTOS are advised to update their systems as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Progress Ws Ftp Server
Affected Vendors
- Progress Publishers