CVE-2023-46570

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Oct 28, 2023
Updated: Oct 31, 2023
CWE ID 125

Summary

CVE-2023-46570 is a newly disclosed vulnerability affecting radare2 version 5.8.9 and older. This issue involves an out-of-bounds read in the print_insn32 function, located in libr/arch/p/nds32/nds32-dis.h. Exploitation of this vulnerability could potentially allow an attacker to read memory beyond the intended bounds, leading to potential information disclosure. Radare2 users are strongly encouraged to update to a patched version to mitigate this risk. The exact implications and potential exploitability of this vulnerability are currently under investigation.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share