CVE-2023-44141

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Oct 30, 2023
Updated: Nov 6, 2023
CWE ID 94

Summary

CVE-2023-44141 is a high-severity vulnerability affecting Inkdrop prior to version 5.6.0. It allows a local attacker to execute a code injection attack by tricking a legitimate user into opening a specially crafted markdown file. The vulnerability has a base score of 7.8 and an impact score of 5.9, indicating its potential danger to organizations. The affected products include various versions of i-U_b_, pkfvEn, i-U_cD, i-U_cC, tSyxtZ, tSyxta, i-U_cB, i-U_cA, tSyxtb, tSyxtc, pkfvEo, i-U_cH, i-U_cG, pkfvEp, tSyxtd, i-U_cF, pkfvEq, and i-U_cE. To remediate the issue and mitigate the risk posed by this vulnerability, users should update their Inkdrop software to version 5.6.0 or newer.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-44141 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options