Use After Free Vulnerability in lwis_transaction_client_cleanup of lwis_transaction.c

Use After Free Vulnerability in lwis_transaction_client_cleanup of lwis_transaction.c

CVE-2023-35660 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

In lwis_transaction_client_cleanup of lwis_transaction.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Learn more about our User Device Pen Test.