CVE-2023-49993

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Dec 12, 2023
Updated: Jan 19, 2024
CWE ID 120

Summary

CVE-2023-49993 is a vulnerability found in Espeak-ng 1.52-dev software. It is a buffer overflow vulnerability discovered in the function ReadClause at readclause.c. The risk score for this vulnerability is 25, indicating a medium severity level. The base score is 5.3, with low impact on integrity and confidentiality. The attack vector is local, and user interaction is required. The vulnerability does not require any privileges to exploit. To remediate this vulnerability, users should update their Espeak-ng software to a patched version provided by the vendor. This vulnerability poses a potential danger to organizations that use Espeak-ng as it could be exploited by attackers to execute arbitrary code or cause denial of service on affected systems.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-49993 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options