Signature Management Vulnerability in Honor Products
CVE-2023-23432

7.3HIGH

Key Information:

Vendor: Honor
Status: Nth-an00
Vendor: CVE Published:; 29 December 2023

What is CVE-2023-23432?

A security flaw in various Honor products related to signature management could allow an attacker to bypass verification processes, leading to the overwrite of legitimate system files with maliciously crafted ones. This flaw poses significant risks to system integrity and may compromise the overall security of affected devices.

Affected Version(s)

NTH-AN00 7.0.0.138 < 7.0.0.157

References

https://www.hihonor.com/global/security/cve-2023-23432/

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 29, 2023
Vulnerability Reserved
Jan 12, 2023