CVE-2023-43998

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Jan 24, 2024
Updated: Jan 26, 2024

Summary

CVE-2023-43998 is a vulnerability affecting the Books-futaba mini-app on Line version 13.6.1. This issue enables attackers to send malicious notifications by exploiting the leakage of the channel access token. The token, which should be protected, is exposed, allowing unauthorized parties to craft and deliver notifications to unsuspecting users. This vulnerability poses a risk for potential phishing attacks and data theft. Users are advised to update their apps to the latest version to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share