CVE-2023-6534

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 13, 2023
Updated: Jan 12, 2024

Summary

CVE-2023-6534 affects FreeBSD 14.0-RELEASE, FreeBSD 13.2-RELEASE, and FreeBSD 12.4-RELEASE. The pf(4) packet filter validates TCP sequence numbers incorrectly, which could allow malicious actors to launch denial-of-service attacks against hosts behind the firewall. The base severity is rated HIGH, with a CVSS score of 7.5. To remediate, organizations running affected versions of FreeBSD should update to a patched release such as 14-RELEASE-p2, 13.2-RELEASE-p7, or 12.4-RELEASE-p9, which validate TCP sequence numbers properly.
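To check a host against the patched releases listed above, the following added example (not from the advisory or the FreeBSD project) classifies a version string as printed by `freebsd-version`. It assumes the page's "14-RELEASE-p2" means patch level 2 of 14.0-RELEASE and that, because pf(4) is a kernel component, the kernel versions are the ones that matter; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: compare FreeBSD version strings with the patched levels
# named in the summary (assumed: 14.0-RELEASE-p2, 13.2-RELEASE-p7, 12.4-RELEASE-p9).

# min_patch BRANCH -> lowest fixed patch level for a branch listed on the page
min_patch() {
    case "$1" in
        14.0-RELEASE) echo 2 ;;
        13.2-RELEASE) echo 7 ;;
        12.4-RELEASE) echo 9 ;;
        *) return 1 ;;   # branch not listed on the page: no verdict
    esac
}

# pf_cve_status VERSION -> prints patched | vulnerable | not-listed
pf_cve_status() {
    ver=$1
    case "$ver" in
        *-RELEASE-p*) branch=${ver%-p*}; level=${ver##*-p} ;;
        *-RELEASE)    branch=$ver; level=0 ;;   # unpatched base release
        *)            echo not-listed; return 0 ;;
    esac
    # Reject non-numeric patch levels rather than guessing
    case "$level" in ''|*[!0-9]*) echo not-listed; return 0 ;; esac
    need=$(min_patch "$branch") || { echo not-listed; return 0; }
    if [ "$level" -ge "$need" ]; then echo patched; else echo vulnerable; fi
}

# check_host: report the installed (-k) and running (-r) kernel.
# A patched installed kernel with a vulnerable running kernel means the
# update was applied but the host has not been rebooted into it.
check_host() {
    command -v freebsd-version >/dev/null 2>&1 ||
        { echo "freebsd-version not found (not a FreeBSD host?)"; return 2; }
    for flag in -k -r; do
        v=$(freebsd-version "$flag")
        echo "$flag $v $(pf_cve_status "$v")"
    done
}

# Run the host check only when asked, so the file can also be sourced.
if [ "${1:-}" = "--host" ]; then check_host; fi
```

Run with `--host` on a FreeBSD machine; a `not-listed` result means the branch is not among those named on this page, not that it is unaffected.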
