CVE-2023-5139

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Oct 26, 2023
Updated: Jan 21, 2024
CWE ID 79

Summary

CVE-2023-5139 is a newly identified vulnerability affecting the Zephyr STM32 Crypto driver. This issue involves a potential buffer overflow, which could be exploited by an attacker to execute malicious code or cause a system crash. The Zephyr Project's Crypto driver is a widely used component in various IoT and embedded systems, making this vulnerability particularly noteworthy. Successful exploitation requires an attacker to craft and send specially crafted data to the vulnerable system, potentially leading to significant consequences. System administrators and developers are urged to update their Crypto driver to a patched version to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share