CVE-2023-33668
CRITICALCVSS v3.1: 9.8 · EPSS: 0.0043 (34.5 percentile)
Source data as of:
At a glance
- Severity
- CRITICAL
- CVSS
- 9.8 v3.1 · NVD
- EPSS
- 0.0043 (34.5 percentile) · FIRST.org
- CISA KEV
- No
- Attack conditions (CVSS vector)
- NetworkNo privilegesNo user interaction · Source: NVD Vector
- Affected vendors
- digiexam
- Published
- 2023-07-12 · Modified: 2026-07-05
- References
- Jump to references (2)
CVSS / EPSS / KEV
Source — CVSS: NVD · EPSS: FIRST.org · KEV: CISA. Data & Sources
Description
DigiExam up to v14.0.2 lacks integrity checks for native modules, allowing attackers to access PII and takeover accounts on shared computers.
References
Reference URLs as listed by NVD, grouped by a mechanical match on the link's host/pattern. Labels describe the link type only.
- Reference https://github.com/lodi-g/CVE-2023-33668
- Reference http://digiexam.com