{"id":23887,"date":"2025-04-16T05:18:14","date_gmt":"2025-04-16T05:18:14","guid":{"rendered":""},"modified":"2025-04-23T06:19:26","modified_gmt":"2025-04-23T06:19:26","slug":"cve-2023-33114-npu-memory-corruption-leading-to-potential-system-compromise-or-data-leakage","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2023-33114-npu-memory-corruption-leading-to-potential-system-compromise-or-data-leakage\/","title":{"rendered":"CVE-2023-33114: NPU Memory Corruption Leading to Potential System Compromise or Data Leakage<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

The cybersecurity field has witnessed the emergence of a new vulnerability, CVE-2023-33114, posing a significant risk to the integrity, confidentiality, and availability of data. This vulnerability, which resides in the running of the Network Processing Unit (NPU), affects an array of systems that rely on this hardware component. The vulnerability exhibits its impact<\/a> when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted simultaneously, leading to memory corruption. The severity of this vulnerability is undeniable, as it could potentially lead to system<\/a> compromise or data leakage, underscoring the urgency for immediate and effective mitigation actions.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2023-33114
\nSeverity: High (CVSS: 8.4)
\nAttack Vector: Network
\nPrivileges Required: None
\nUser Interaction: None
\nImpact: System compromise and\/or data leakage<\/a><\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n A new way to communicate\r\n <\/h2>\r\n\r\n

\r\n Ameeba Chat is built on encrypted identity, not personal profiles.\r\n <\/p>\r\n\r\n

\r\n Message, call, share files, and coordinate with identities kept separate.\r\n <\/p>\r\n\r\n