In the dynamic realm of cybersecurity, staying updated on the latest vulnerabilities is imperative.
This edition of the AppSecWorld's CVE Daily Digest provides a snapshot of the vulnerabilities published in National Vulnerability Database between February 18-19, 2024.
During this period, The National Vulnerability Database published 29, and these new Common Vulnerabilities and Exposures (CVEs) are classified as follows:
Critical: 0
High: 2
Medium: 1
Low: 0
Severity Not Assigned: 26
Identifying and understanding these vulnerabilities are pivotal steps towards enhancing security measures and creating a safer digital environment.
Now, let's delve deeper into AppSecWorld's CVE Daily Digest, spotlighting the Critical and High Severity vulnerabilities that demand immediate attention.
1. CVE-2023-6749
Base Score: 8.0
Base Severity: HIGH
Exploitability Score: 2.5
Impact Score: 5.5
Description: Unchecked length coming from user input in settings shell
References: https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-757h-rw37-66hw
CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found
2. CVE-2023-6249
Base Score: 8.0
Base Severity: HIGH
Exploitability Score: 2.5
Impact Score: 5.5
Description: Signed to unsigned conversion esp32_ipm_send
References: https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-32f5-3p9h-2rqc
CWE-ID: CWE-704
Common Platform Enumerations (CPE): Not Found
This edition of the AppSecWorld's CVE Daily Digest provides a snapshot of the vulnerabilities published in National Vulnerability Database between February 18-19, 2024.
During this period, The National Vulnerability Database published 29, and these new Common Vulnerabilities and Exposures (CVEs) are classified as follows:
Critical: 0
High: 2
Medium: 1
Low: 0
Severity Not Assigned: 26
Identifying and understanding these vulnerabilities are pivotal steps towards enhancing security measures and creating a safer digital environment.
Now, let's delve deeper into AppSecWorld's CVE Daily Digest, spotlighting the Critical and High Severity vulnerabilities that demand immediate attention.
1. CVE-2023-6749
Base Score: 8.0
Base Severity: HIGH
Exploitability Score: 2.5
Impact Score: 5.5
Description: Unchecked length coming from user input in settings shell
References: https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-757h-rw37-66hw
CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found
2. CVE-2023-6249
Base Score: 8.0
Base Severity: HIGH
Exploitability Score: 2.5
Impact Score: 5.5
Description: Signed to unsigned conversion esp32_ipm_send
References: https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-32f5-3p9h-2rqc
CWE-ID: CWE-704
Common Platform Enumerations (CPE): Not Found