CVE-2023-32871
EUVD-2023-3709206.05.2024, 03:15
In DA, there is a possible permission bypass due to an incorrect status check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08355514; Issue ID: ALPS08355514.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| linuxfoundation | yocto | 3.3 |
| linuxfoundation | yocto | 4.0 |
| android | 12.0 | |
| android | 13.0 | |
| android | 14.0 | |
| android | 15.0 | |
| openwrt | openwrt | 19.07.0 |
| openwrt | openwrt | 21.02.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-391 - Unchecked Error Condition[PLANNED FOR DEPRECATION. SEE MAINTENANCE NOTES AND CONSIDER CWE-252, CWE-248, OR CWE-1069.] Ignoring exceptions and other error conditions may allow an attacker to induce unexpected behavior unnoticed.
- CWE-754 - Improper Check for Unusual or Exceptional ConditionsThe software does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the software.