CVE-2023-6683

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Jan 12, 2024
Updated: Feb 23, 2024
CWE ID 476

Summary

CVE-2023-6683 is a vulnerability that affects multiple products, including aXjN6B, eCJhKK, d0rE62, sgaPme, and nv-TCv. The vulnerability exists in the QEMU built-in VNC server while processing ClientCutText messages. It allows a malicious authenticated VNC client to crash QEMU and trigger a denial of service by exploiting a NULL pointer dereference in the qemu_clipboard_request() function. The vulnerability has a base severity of MEDIUM and an exploitability score of 2.8. It poses a potential danger to organizations as it can lead to service disruption or interruption in affected systems. Remediation steps should be taken promptly to address this vulnerability.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-6683 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options