Signature Management Vulnerability in Honor Products
CVE-2023-23433

4MEDIUM

Key Information:

Vendor: Honor
Status: NTH-AN00
Vendor: CVE Published:; 29 December 2023

What is CVE-2023-23433?

A vulnerability exists in certain Honor products that affects signature management. Exploitation of this flaw could allow an unauthorized entity to forge a system file, enabling them to overwrite intended system files. This may compromise the integrity and security of affected devices, posing significant risks if left unaddressed.

Affected Version(s)

NTH-AN00 7.0.0.138 < 7.0.0.157

References

https://www.hihonor.com/global/security/cve-2023-23433/

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 29, 2023
Vulnerability Reserved
Jan 12, 2023