CVE-2023-43799

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Oct 4, 2023
Updated: Oct 10, 2023
CWE ID 20

Summary

CVE-2023-43799 is a vulnerability affecting the Altair GraphQL Client prior to version 5.2.5. The issue lies in the desktop application's failure to sanitize external URLs and inadequate process isolation. This puts MacOS, Windows, and Linux users at risk, as the vulnerability could allow malicious websites to execute arbitrary code. The latest version, 5.2.5, addresses these concerns by implementing proper URL sanitization and appropriate process isolation techniques.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share