Home > Vulnerability Database > CVE-2023-2226

Mend.io Vulnerability Database

CVE-2023-2226

Good to know:

Date: April 21, 2023

Due to insufficient validation in the PE and OLE parsers in Rapid7's Velociraptor versions earlier than 0.6.8 allows attacker to crash Velociraptor during parsing of maliciously malformed files. For this attack to succeed, the attacker needs to be able to introduce malicious files to the system at the same time that Velociraptor attempts to collect any artifacts that attempt to parse PE files, Authenticode signatures, or OLE files. After crashing, the Velociraptor service will restart and it will still be possible to collect other artifacts.

Language: Go

Severity Score

5.3

Related Resources (3)

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-2226

Url: https://github.com/Velocidex/velociraptor

Url: https://www.mend.io/vulnerability-database/CVE-2023-2226

Severity Score

5.3

Weakness Type (CWE)

Out-of-bounds Read

CWE-125

Top Fix

Upgrade Version

Upgrade to version v0.6.8-1

Learn More

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

CVE-2023-2226

Good to know:

Date: April 21, 2023

Language: Go

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?