Type Confusion Vulnerability in Honor Products
CVE-2023-23443

7.1HIGH

Key Information:

Vendor: Honor
Status: Magic Os
Vendor: CVE Published:; 29 December 2023

What is CVE-2023-23443?

Certain Honor devices are susceptible to a type confusion vulnerability that can lead to unauthorized information leakage. Exploiting this flaw may allow attackers to access sensitive data, thus compromising user privacy and device integrity. It is important for users of the affected products to be aware of this vulnerability and monitor for security updates to mitigate potential risks.

Affected Version(s)

Magic OS 7.0 < 7.0.0.156

References

https://www.hihonor.com/global/security/cve-2023-23443/

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 29, 2023
Vulnerability Reserved
Jan 12, 2023