CVE-2023-23443

CVSS v3 4.6 MEDIUM

4.6^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.5 / Impact : 2.7

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact LOW

Scope CHANGED

Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.

References

Link	Resource
https://www.hihonor.com/global/security/cve-2023-23443/	Vendor Advisory
https://www.hihonor.com/global/security/cve-2023-23443/	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:o:hihonor:magic_os:*:*:*:*:*:*:*:*

History

21 Nov 2024, 07:46

Type	Values Removed	Values Added
References	~~() https://www.hihonor.com/global/security/cve-2023-23443/ - Vendor Advisory~~	() https://www.hihonor.com/global/security/cve-2023-23443/ - Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~7.1~~	v2 : unknown v3 : 4.6

Information

Published : 2023-12-29 04:15

Updated : 2025-04-17 21:15

NVD link : CVE-2023-23443

Mitre link : CVE-2023-23443

CVE.ORG link : CVE-2023-23443

JSON object : View

Products Affected

magic_os

CWE

CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')

{"id": "CVE-2023-23443", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "3836d913-7555-4dd0-a509-f5667fdf5fe4", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 4.6, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "impactScore": 2.7, "exploitabilityScore": 1.5}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 1.8}]}, "published": "2023-12-29T04:15:08.883", "references": [{"url": "https://www.hihonor.com/global/security/cve-2023-23443/", "tags": ["Vendor Advisory"], "source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"}, {"url": "https://www.hihonor.com/global/security/cve-2023-23443/", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-843"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-843"}]}], "descriptions": [{"lang": "en", "value": "\nSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\n\n"}, {"lang": "es", "value": "Algunos productos Honor se ven afectados por una vulnerabilidad de confusi\u00f3n de tipos; una explotaci\u00f3n exitosa podr\u00eda provocar una fuga de informaci\u00f3n."}], "lastModified": "2025-04-17T21:15:46.160", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hihonor:magic_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "393692F6-5660-43F4-95B6-A0314C73D79C", "versionEndExcluding": "7.0.0.156"}], "operator": "OR"}]}], "sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4"}