CVE-2023-45594

Name of the Vulnerable Software and Affected Versions AiLux imx6 bundle versions prior to imx6 1.0.7-2

Description A CWE-552 vulnerability in the embedded Chromium browser allows a physical attacker to arbitrarily download or upload files to or from the file system. This issue has unspecified impacts on the confidentiality, integrity, and availability of the device.

Recommendations For AiLux imx6 bundle versions prior to imx6 1.0.7-2, update to version imx6 1.0.7-2 or later to resolve the issue. As a temporary workaround, consider restricting access to the embedded Chromium browser to minimize the risk of exploitation.