File Writing Vulnerability in Honor Devices Allows Code Execution
CVE-2023-23424

6.5MEDIUM

Key Information:

Vendor: Honor
Status: Nth-an00
Vendor: CVE Published:; 29 December 2023

What is CVE-2023-23424?

Certain Honor devices are susceptible to a file writing vulnerability, which could potentially allow attackers to execute arbitrary code. This security flaw underscores the importance of regular updates and vigilance in maintaining device security. Users are advised to check their device firmware and apply all the latest security patches to mitigate this risk.

Affected Version(s)

NTH-AN00 7.0 < 7.0.0.120

References

https://www.hihonor.com/global/security/cve-2023-23424/

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 29, 2023
Vulnerability Reserved
Jan 12, 2023