CVE-2023-48221 — HIGH (7.3)

Q: How severe is CVE-2023-48221?

CVE-2023-48221 has been rated HIGH with a CVSS base score of 7.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2023-48221?

Check the references section above for vendor advisories and patch information. Affected products include: Wire Audio\, Video\, And Signaling.

Vulnerability Description

wire-avs provides Audio, Visual, and Signaling (AVS) functionality sure the secure messaging software Wire. Prior to versions 9.2.22 and 9.3.5, a remote format string vulnerability could potentially allow an attacker to cause a denial of service or possibly execute arbitrary code. The issue has been fixed in wire-avs 9.2.22 & 9.3.5 and is already included on all Wire products. No known workarounds are available.

CVSS Score

7.3

HIGH

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:N/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality

NONE

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Wire	Audio\, Video\, And Signaling	< 9.2.22

Related Weaknesses (CWE)

CWE-134

References

FAQ

What is CVE-2023-48221?

CVE-2023-48221 is a vulnerability with a CVSS score of 7.3 (HIGH). wire-avs provides Audio, Visual, and Signaling (AVS) functionality sure the secure messaging software Wire. Prior to versions 9.2.22 and 9.3.5, a remote format string vulnerability could potentially a...

How severe is CVE-2023-48221?

CVE-2023-48221 has been rated HIGH with a CVSS base score of 7.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-48221?

Check the references section above for vendor advisories and patch information. Affected products include: Wire Audio\, Video\, And Signaling.