Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
22 vulnerabilities found for magic_os by hihonor
CVE-2023-51429 (GCVE-0-2023-51429)
Vulnerability from nvd – Published: 2023-12-29 03:36 – Updated: 2024-09-09 17:42
VLAI?
Summary
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak.
Severity ?
6 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:09.454Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-51429/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-51429",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-09T17:41:47.514180Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-09T17:42:09.270Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "7.0.0.156",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak.\u003c/span\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T03:36:16.905Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-51429/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-51429",
"datePublished": "2023-12-29T03:36:16.905Z",
"dateReserved": "2023-12-19T01:27:50.841Z",
"dateUpdated": "2024-09-09T17:42:09.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51428 (GCVE-0-2023-51428)
Vulnerability from nvd – Published: 2023-12-29 03:32 – Updated: 2024-08-02 22:32
VLAI?
Summary
Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.
Severity ?
4.6 (Medium)
CWE
- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:09.425Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-51428/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "7.0.0.129",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\u003c/span\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843 Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T03:32:31.596Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-51428/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-51428",
"datePublished": "2023-12-29T03:32:31.596Z",
"dateReserved": "2023-12-19T01:27:50.841Z",
"dateUpdated": "2024-08-02T22:32:09.425Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51427 (GCVE-0-2023-51427)
Vulnerability from nvd – Published: 2023-12-29 03:30 – Updated: 2024-08-02 22:32
VLAI?
Summary
Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.
Severity ?
4.6 (Medium)
CWE
- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:09.957Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-51427/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "7.0.0.129",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\u003c/span\u003e\u003cbr\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843 Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T03:30:31.955Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-51427/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-51427",
"datePublished": "2023-12-29T03:30:31.955Z",
"dateReserved": "2023-12-19T01:27:50.841Z",
"dateUpdated": "2024-08-02T22:32:09.957Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51426 (GCVE-0-2023-51426)
Vulnerability from nvd – Published: 2023-12-29 03:28 – Updated: 2024-08-02 22:32
VLAI?
Summary
Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.
Severity ?
4.6 (Medium)
CWE
- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:09.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-51426/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "7.0.0.129",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\u003c/span\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843 Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T03:28:07.173Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-51426/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-51426",
"datePublished": "2023-12-29T03:28:07.173Z",
"dateReserved": "2023-12-19T01:27:50.841Z",
"dateUpdated": "2024-08-02T22:32:09.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23443 (GCVE-0-2023-23443)
Vulnerability from nvd – Published: 2023-12-29 03:18 – Updated: 2025-04-17 20:22
VLAI?
Summary
Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.
Severity ?
4.6 (Medium)
CWE
- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:28:40.965Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-23443/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23443",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-03T16:36:46.242916Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843 Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-17T20:22:45.720Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "7.0.0.156",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\u003c/span\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T03:18:41.853Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23443/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-23443",
"datePublished": "2023-12-29T03:18:41.853Z",
"dateReserved": "2023-01-12T04:00:30.137Z",
"dateUpdated": "2025-04-17T20:22:45.720Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23442 (GCVE-0-2023-23442)
Vulnerability from nvd – Published: 2023-12-29 03:15 – Updated: 2024-08-02 10:28
VLAI?
Summary
Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.
Severity ?
4.6 (Medium)
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:28:40.947Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-23442/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "7.0.0.158",
"status": "affected",
"version": "7.0.0.106",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\u003c/span\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T03:15:52.271Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23442/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-23442",
"datePublished": "2023-12-29T03:15:52.271Z",
"dateReserved": "2023-01-12T04:00:30.136Z",
"dateUpdated": "2024-08-02T10:28:40.947Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23429 (GCVE-0-2023-23429)
Vulnerability from nvd – Published: 2023-12-29 03:06 – Updated: 2024-08-02 10:28
VLAI?
Summary
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.
Severity ?
4 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:28:40.854Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-23429/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "7.0.0.193",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.\u003c/span\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T03:06:35.184Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23429/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-23429",
"datePublished": "2023-12-29T03:06:35.184Z",
"dateReserved": "2023-01-12T04:00:30.135Z",
"dateUpdated": "2024-08-02T10:28:40.854Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23428 (GCVE-0-2023-23428)
Vulnerability from nvd – Published: 2023-12-29 03:02 – Updated: 2024-08-02 10:28
VLAI?
Summary
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.
Severity ?
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:28:40.865Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-23428/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "7.2.0.102",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.\u003c/span\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T03:02:16.998Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23428/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-23428",
"datePublished": "2023-12-29T03:02:16.998Z",
"dateReserved": "2023-01-12T04:00:30.135Z",
"dateUpdated": "2024-08-02T10:28:40.865Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23427 (GCVE-0-2023-23427)
Vulnerability from nvd – Published: 2023-12-29 02:58 – Updated: 2024-08-02 10:28
VLAI?
Summary
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.
Severity ?
4 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:28:40.829Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-23427/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "7.1.0.74",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.\u003c/span\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T02:58:41.511Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23427/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-23427",
"datePublished": "2023-12-29T02:58:41.511Z",
"dateReserved": "2023-01-12T04:00:30.135Z",
"dateUpdated": "2024-08-02T10:28:40.829Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23436 (GCVE-0-2023-23436)
Vulnerability from nvd – Published: 2023-12-29 02:12 – Updated: 2024-08-02 10:28
VLAI?
Summary
Some Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file
Severity ?
7.3 (High)
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:28:40.967Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-23436/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS\t",
"vendor": "Honor",
"versions": [
{
"lessThan": "7.1.0.100",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file\u003c/span\u003e\n\n\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "\nSome Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file\n\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T02:12:01.783Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23436/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-23436",
"datePublished": "2023-12-29T02:12:01.783Z",
"dateReserved": "2023-01-12T04:00:30.136Z",
"dateUpdated": "2024-08-02T10:28:40.967Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23435 (GCVE-0-2023-23435)
Vulnerability from nvd – Published: 2023-12-29 02:08 – Updated: 2024-08-02 10:28
VLAI?
Summary
Some Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file
Severity ?
4 (Medium)
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23435",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T19:55:26.456077Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T19:55:32.749Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:28:40.956Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-23435/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS\t",
"vendor": "Honor",
"versions": [
{
"lessThan": "7.1.0.137",
"status": "affected",
"version": "7.1.0.127",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file\u003c/span\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T02:08:26.355Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23435/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-23435",
"datePublished": "2023-12-29T02:08:26.355Z",
"dateReserved": "2023-01-12T04:00:30.136Z",
"dateUpdated": "2024-08-02T10:28:40.956Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51429 (GCVE-0-2023-51429)
Vulnerability from cvelistv5 – Published: 2023-12-29 03:36 – Updated: 2024-09-09 17:42
VLAI?
Summary
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak.
Severity ?
6 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:09.454Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-51429/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-51429",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-09T17:41:47.514180Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-09T17:42:09.270Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "7.0.0.156",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak.\u003c/span\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T03:36:16.905Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-51429/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-51429",
"datePublished": "2023-12-29T03:36:16.905Z",
"dateReserved": "2023-12-19T01:27:50.841Z",
"dateUpdated": "2024-09-09T17:42:09.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51428 (GCVE-0-2023-51428)
Vulnerability from cvelistv5 – Published: 2023-12-29 03:32 – Updated: 2024-08-02 22:32
VLAI?
Summary
Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.
Severity ?
4.6 (Medium)
CWE
- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:09.425Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-51428/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "7.0.0.129",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\u003c/span\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843 Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T03:32:31.596Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-51428/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-51428",
"datePublished": "2023-12-29T03:32:31.596Z",
"dateReserved": "2023-12-19T01:27:50.841Z",
"dateUpdated": "2024-08-02T22:32:09.425Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51427 (GCVE-0-2023-51427)
Vulnerability from cvelistv5 – Published: 2023-12-29 03:30 – Updated: 2024-08-02 22:32
VLAI?
Summary
Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.
Severity ?
4.6 (Medium)
CWE
- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:09.957Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-51427/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "7.0.0.129",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\u003c/span\u003e\u003cbr\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843 Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T03:30:31.955Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-51427/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-51427",
"datePublished": "2023-12-29T03:30:31.955Z",
"dateReserved": "2023-12-19T01:27:50.841Z",
"dateUpdated": "2024-08-02T22:32:09.957Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51426 (GCVE-0-2023-51426)
Vulnerability from cvelistv5 – Published: 2023-12-29 03:28 – Updated: 2024-08-02 22:32
VLAI?
Summary
Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.
Severity ?
4.6 (Medium)
CWE
- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:09.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-51426/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "7.0.0.129",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\u003c/span\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843 Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T03:28:07.173Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-51426/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-51426",
"datePublished": "2023-12-29T03:28:07.173Z",
"dateReserved": "2023-12-19T01:27:50.841Z",
"dateUpdated": "2024-08-02T22:32:09.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23443 (GCVE-0-2023-23443)
Vulnerability from cvelistv5 – Published: 2023-12-29 03:18 – Updated: 2025-04-17 20:22
VLAI?
Summary
Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.
Severity ?
4.6 (Medium)
CWE
- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:28:40.965Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-23443/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23443",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-03T16:36:46.242916Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843 Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-17T20:22:45.720Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "7.0.0.156",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\u003c/span\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T03:18:41.853Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23443/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-23443",
"datePublished": "2023-12-29T03:18:41.853Z",
"dateReserved": "2023-01-12T04:00:30.137Z",
"dateUpdated": "2025-04-17T20:22:45.720Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23442 (GCVE-0-2023-23442)
Vulnerability from cvelistv5 – Published: 2023-12-29 03:15 – Updated: 2024-08-02 10:28
VLAI?
Summary
Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.
Severity ?
4.6 (Medium)
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:28:40.947Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-23442/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "7.0.0.158",
"status": "affected",
"version": "7.0.0.106",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\u003c/span\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T03:15:52.271Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23442/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-23442",
"datePublished": "2023-12-29T03:15:52.271Z",
"dateReserved": "2023-01-12T04:00:30.136Z",
"dateUpdated": "2024-08-02T10:28:40.947Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23429 (GCVE-0-2023-23429)
Vulnerability from cvelistv5 – Published: 2023-12-29 03:06 – Updated: 2024-08-02 10:28
VLAI?
Summary
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.
Severity ?
4 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:28:40.854Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-23429/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "7.0.0.193",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.\u003c/span\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T03:06:35.184Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23429/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-23429",
"datePublished": "2023-12-29T03:06:35.184Z",
"dateReserved": "2023-01-12T04:00:30.135Z",
"dateUpdated": "2024-08-02T10:28:40.854Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23428 (GCVE-0-2023-23428)
Vulnerability from cvelistv5 – Published: 2023-12-29 03:02 – Updated: 2024-08-02 10:28
VLAI?
Summary
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.
Severity ?
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:28:40.865Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-23428/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "7.2.0.102",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.\u003c/span\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T03:02:16.998Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23428/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-23428",
"datePublished": "2023-12-29T03:02:16.998Z",
"dateReserved": "2023-01-12T04:00:30.135Z",
"dateUpdated": "2024-08-02T10:28:40.865Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23427 (GCVE-0-2023-23427)
Vulnerability from cvelistv5 – Published: 2023-12-29 02:58 – Updated: 2024-08-02 10:28
VLAI?
Summary
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.
Severity ?
4 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:28:40.829Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-23427/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "7.1.0.74",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.\u003c/span\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T02:58:41.511Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23427/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-23427",
"datePublished": "2023-12-29T02:58:41.511Z",
"dateReserved": "2023-01-12T04:00:30.135Z",
"dateUpdated": "2024-08-02T10:28:40.829Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23436 (GCVE-0-2023-23436)
Vulnerability from cvelistv5 – Published: 2023-12-29 02:12 – Updated: 2024-08-02 10:28
VLAI?
Summary
Some Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file
Severity ?
7.3 (High)
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:28:40.967Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-23436/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS\t",
"vendor": "Honor",
"versions": [
{
"lessThan": "7.1.0.100",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file\u003c/span\u003e\n\n\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "\nSome Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file\n\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T02:12:01.783Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23436/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-23436",
"datePublished": "2023-12-29T02:12:01.783Z",
"dateReserved": "2023-01-12T04:00:30.136Z",
"dateUpdated": "2024-08-02T10:28:40.967Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23435 (GCVE-0-2023-23435)
Vulnerability from cvelistv5 – Published: 2023-12-29 02:08 – Updated: 2024-08-02 10:28
VLAI?
Summary
Some Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file
Severity ?
4 (Medium)
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23435",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T19:55:26.456077Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T19:55:32.749Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:28:40.956Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-23435/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS\t",
"vendor": "Honor",
"versions": [
{
"lessThan": "7.1.0.137",
"status": "affected",
"version": "7.1.0.127",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file\u003c/span\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T02:08:26.355Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23435/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-23435",
"datePublished": "2023-12-29T02:08:26.355Z",
"dateReserved": "2023-01-12T04:00:30.136Z",
"dateUpdated": "2024-08-02T10:28:40.956Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}