CVE-2023-6362

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published Oct 7, 2024

CWE ID 119

Summary

CVE-2023-6362 is a newly identified buffer overflow vulnerability that affects Winhex versions 16.1 SR-1 and 20.4. The issue lies in the way the software handles long filename arguments, enabling attackers to manipulate the Structured Exception Handler (SEH) registers and execute arbitrary code. This could potentially lead to system compromise and data theft. Users are advised to update to the latest version of Winhex or consider alternative software to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Winhex

Affected Vendors

Tanium

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tmMjRS
https://www.cve.org/CVERecord?id=CVE-2023-6362
https://nvd.nist.gov/vuln/detail/CVE-2023-6362

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners