PT-2023-28392 · Unknown · Libsec-Ril

Balance

Publicado

2023-11-07

Atualizado

2024-01-27

CVE-2023-42527

CVSS v3.1

5.6

Média

Vetor

AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L

Name of the Vulnerable Software and Affected Versions libsec-ril versions prior to SMR Nov-2023 Release 1

Description The issue is related to an improper input validation vulnerability in the ProcessWriteFile function of libsec-ril. This vulnerability allows local attackers to expose sensitive information.

Recommendations For versions prior to SMR Nov-2023 Release 1, update to SMR Nov-2023 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to the ProcessWriteFile function to minimize the risk of exploitation.

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

CVE-2023-42527

Produtos afetados

Libsec-Ril

PT-2023-28392 · Unknown · Libsec-Ril

CVE-2023-42527

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4