CVSS 3.1 Score 7.8 of 10 (high)


Published Nov 15, 2023
Updated: Nov 21, 2023
CWE ID 125


CVE-2023-47585 is an out-of-bounds read vulnerability found in V-Server V4.0.18.0 and earlier, as well as V-Server Lite V4.0.18.0 and earlier. This vulnerability allows for the disclosure of information and potential execution of arbitrary code when a user opens a specially crafted VPR file. The affected products include dfQJb3, inQFDM, hYTcZx, aWJOQn, nBIOtx, m-KPwZ, nBIOtz, nBIOty, m-KPwa, and sJtOry. The vulnerability has a high severity rating with a base score of 7.8 and can be exploited locally with required user interaction. It has the potential to impact confidentiality and integrity with a high availability impact as well. Organizations should remediate this vulnerability by updating to the latest versions of V-Server or V-Server Lite to mitigate the risks associated with this vulnerability.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-47585 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options