← back
CVE-2023-25738

CVE-2023-25738

CVSS 6.5 MEDIUMEPSS 0.6%CWE-125
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.5EPSS 0.6%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
02 Jun 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Members of the <code>DEVMODEW</code> struct set by the printer device driver weren't being validated and could have resulted in invalid values which in turn would cause the browser to attempt out of bounds access to related variables.<br>*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →