Incorrect Privilege Assignment Vulnerability in Honor Products
CVE-2023-51435

7.1HIGH

Key Information:

Vendor: Honor
Status: Magic Ui
Vendor: CVE Published:; 29 December 2023

What is CVE-2023-51435?

Certain Honor devices are impacted by a vulnerability that arises from improper privilege assignments. If successfully exploited, this vulnerability may lead to unauthorized access and potential information leaks, compromising the integrity and confidentiality of user data. It is essential for users of the affected Honor products to implement the necessary security measures to mitigate these risks.

Affected Version(s)

Magic UI 6.0 < 6.1.0.212

References

https://www.hihonor.com/global/security/cve-2023-51435/

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 29, 2023
Vulnerability Reserved
Dec 19, 2023