What is CVE-2023-33244?

CVE-2023-33244 is a vulnerability in Obsidian before version 1.2.2 that allows calls to unintended APIs, potentially granting microphone access, camera access, and desktop notification to an embedded web page.

What is the severity of CVE-2023-33244?

CVE-2023-33244 has a severity rating of 8.2, which is considered high.

How does CVE-2023-33244 affect Obsidian?

CVE-2023-33244 affects Obsidian versions up to and excluding 1.2.2, allowing unauthorized calls to unintended APIs for microphone access, camera access, and desktop notification through an embedded web page.

How can I fix CVE-2023-33244?

To fix CVE-2023-33244, it is recommended to update Obsidian to version 1.2.2 or later, as the vulnerability has been patched in this release.

Where can I find more information about CVE-2023-33244?

You can find more information about CVE-2023-33244 in the Obsidian forum post [here](https://forum.obsidian.md/t/obsidian-release-v1-2-2-insider-build/57488) and in the vulnerability advisory [here](https://vuln.ryotak.net/advisories/66).

Vulnerability/
CVE-2023-33244

high

8.2

20/5/2023

26/5/2023

CVE-2023-33244

First published: Sat May 20 2023(Updated: )

Obsidian before 1.2.2 allows calls to unintended APIs (for microphone access, camera access, and desktop notification) via an embedded web page.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Obsidian Obsidian	<1.2.2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2023-33244?
CVE-2023-33244 is a vulnerability in Obsidian before version 1.2.2 that allows calls to unintended APIs, potentially granting microphone access, camera access, and desktop notification to an embedded web page.
What is the severity of CVE-2023-33244?
CVE-2023-33244 has a severity rating of 8.2, which is considered high.
How does CVE-2023-33244 affect Obsidian?
CVE-2023-33244 affects Obsidian versions up to and excluding 1.2.2, allowing unauthorized calls to unintended APIs for microphone access, camera access, and desktop notification through an embedded web page.
How can I fix CVE-2023-33244?
To fix CVE-2023-33244, it is recommended to update Obsidian to version 1.2.2 or later, as the vulnerability has been patched in this release.
Where can I find more information about CVE-2023-33244?
You can find more information about CVE-2023-33244 in the Obsidian forum post [here](https://forum.obsidian.md/t/obsidian-release-v1-2-2-insider-build/57488) and in the vulnerability advisory [here](https://vuln.ryotak.net/advisories/66).

collector/nvd-index
vendor/obsidian
product/obsidian
canonical/obsidian obsidian

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.