CVE-2023-48398

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 8, 2023
Updated: Mar 12, 2024
CWE ID 125

Summary

CVE-2023-48398 is a newly disclosed vulnerability affecting ProtocolNetAcBarringInfo in protocolnetadapter.cpp. This issue involves a missing bounds check, which could result in an out-of-bounds read. The consequences of this vulnerability are significant, as it may lead to remote information disclosure, potentially allowing for baseband firmware compromise. Notably, user interaction is not necessary for an attacker to exploit this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share