CVE-2023-40735: Butterfly Button Project - Sensitive Information Disclosure

7.5 CVSS

Description

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Cavo – Connecting for a Safer World BUTTERFLY BUTTON (Architecture flaw) allows loss of plausible deniability and confidentiality.This issue affects BUTTERFLY BUTTON: As of 2023-08-21.

Classification

CVE ID: CVE-2023-40735

CVSS Base Severity: HIGH

CVSS Base Score: 7.5

Affected Products

Vendor: Cavo – Connecting for a Safer World

Product: BUTTERFLY BUTTON

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.16% (probability of being exploited)

EPSS Percentile: 53.86% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://www.vulsec.org/advisories
https://github.com/VULSecLabs/Vulnerabilities/blob/main/CVE/CVE-2023-40735.md
https://butterfly-button.web.app/
https://github.com/TheButterflyButton
https://github.com/TheButterflySDK
https://www.butterfly-button.com/

Timeline

2024-12-05 00:32:11 UTC
CVE

Butterfly Button Project - Sensitive Information Disclosure