CVEbaza.plCWE DictionaryCWE-421
Common Weakness Enumeration

CWE-421

Race Condition During Access to Alternate Channel

Category: BaseCVE: 8
Description

The product opens an alternate channel to communicate with an authorized user, but the channel is accessible to other actors.

Extended Description

This creates a race condition that allows an attacker to access the channel before the authorized user does.

CVE vulnerabilities with CWE-421 (8)
7.5
CVSS
HIGH
CVE-2023-32256

A flaw was found in the Linux kernel's ksmbd component. A race condition between smb2 close operation and logoff in multichannel connections could result in a use-after-free issue.

pub. 2025-08-01
7.5
CVSS
HIGH
CVE-2023-34438

Race condition in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

pub. 2023-08-11
6.5
CVSS
MEDIUM
CVE-2023-43687

An issue was discovered in Malwarebytes before 4.6.14.326 and before 5.1.5.116 (and Nebula 2020-10-21 and later). There is a Race condition that leads to code execution because of a lack of locks between file verification and execution.

pub. 2025-08-14
6.5
CVSS
MEDIUM
CVE-2023-22310

Race condition in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable denial of service via local access.

pub. 2023-11-14
6.5
CVSS
MEDIUM
CVE-2023-22276

Race condition in firmware for some Intel(R) Ethernet Controllers and Adapters E810 Series before version 1.7.2.4 may allow an authenticated user to potentially enable denial of service via local access.

pub. 2023-08-11
4.6
CVSS
MEDIUM
CVE-2023-34349

Race condition in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

pub. 2023-08-11
4.3
CVSS
MEDIUM
CVE-2023-40536

Race condition for some some Intel(R) PROSet/Wireless WiFi software for Windows before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

pub. 2024-05-16
1.8
CVSS
LOW
CVE-2023-41090

Race condition in some Intel(R) MAS software before version 2.3 may allow a privileged user to potentially enable escalation of privilege via local access.

pub. 2024-02-14
Information
ID: CWE-421
Type: Base
Vulnerabilities: 8
MITRE CWE ↗
← CWE Dictionary