CVE-2023-43481
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2023-43481 is a cybersecurity vulnerability affecting Shenzhen TCL Browser TV Web BrowseHere (com.tcl.browser) version 6.65.022_dab24cc6_231221_gp. This issue grants remote attackers the ability to execute arbitrary JavaScript code through the com.tcl.browser.portal.browse.activity.BrowsePageActivity component, posing a significant security risk. Attackers can leverage this vulnerability to inject malicious scripts and gain unauthorized access to user data or take control of the affected device. Users are advised to update their browsers to the latest version as soon as possible to mitigate this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- tcl