CVE-2023-31488
CRITICALHyland Perceptive Filters < 2023-12-08 - Crafted Document Code Execution
Title source: manualExploitation Summary
EIP tracks 1 public exploit for CVE-2023-31488. PoCs published by ly1g3.
AI-analyzed exploit summary This repository provides a detailed technical writeup and functional PoC exploit for CVE-2023-31488, a memory corruption vulnerability in Lexmark Perceptive Filters (used by Cisco ESA) leading to unauthenticated remote code execution as root via a crafted PDF attachment. The exploit leverages a ROP chain to bypass NX and execute shellcode.
Description
Hyland Perceptive Filters releases before 2023-12-08 (e.g., 11.4.0.2647), as used in Cisco IronPort Email Security Appliance Software, Cisco Secure Email Gateway, and various non-Cisco products, allow attackers to trigger a segmentation fault and execute arbitrary code via a crafted document.
Exploits (1)
This repository provides a detailed technical writeup and functional PoC exploit for CVE-2023-31488, a memory corruption vulnerability in Lexmark Perceptive Filters (used by Cisco ESA) leading to unauthenticated remote code execution as root via a crafted PDF attachment. The exploit leverages a ROP chain to bypass NX and execute shellcode.
References (1)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H