How severe is CVE-2023-0847?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.1 out of 10.

What type of vulnerability is CVE-2023-0847?

This is classified as CWE-787, which is a common weakness in software security.

CVE-2023-0847 - HIGH Severity | CVSS 8.1

Vulnerability Description

The Sub-IoT implementation of the DASH 7 Alliance protocol has a vulnerability that can lead to an out-of-bounds write prior to implementation version 0.5.0. If the protocol has been compiled using default settings, this will only grant the attacker access to allocated but unused memory. However, if it was configured using non-default settings, there is the possibility that exploiting this vulnerability could lead to system crashes and remote code execution.

Related Vulnerabilities

CVE-2012-0754

HIGH

CVSS:8.1(High)

Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attack...

CWE-7872012

CVE-2016-2371

HIGH

CVSS:8.1(High)

An out-of-bounds write vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could cause memory corruption resulting in code execution.

CWE-7872016

CVE-2017-2780

HIGH

CVSS:8.1(High)

An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflo...

CWE-7872017

CVE-2017-2781

HIGH

CVSS:8.1(High)

CWE-7872017

CVE-2018-5210

HIGH

CVSS:8.1(High)

On Samsung mobile devices with N(7.x) software and Exynos chipsets, attackers can conduct a Trustlet stack overflow attack for arbitrary TEE code execution, in conjunction with a brute-force attack to...

CWE-7872018

CVE-2019-11516

HIGH

CVSS:8.1(High)

An issue was discovered in the Bluetooth component of the Cypress (formerly owned by Broadcom) Wireless IoT codebase. Extended Inquiry Responses (EIRs) are improperly handled, which causes a heap-base...

CWE-7872019