CVE-2023-35373: Mono Authenticode Validation Spoofing Vulnerability

Overview

Severity

Medium (CVSS 5.3)

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

Category

Spoofing

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2023-Jul

Released

2023-07-11

EPSS Score

0.54% (percentile: 67.5%)

FAQ

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment of the targeted component.

Affected Products (1)

Developer Tools

• Mono 6.12.0

Security Updates (1)

• Release Notes

Acknowledgments

Bill Demirkapi with Microsoft

Revision History

• 2023-07-11: Information published.