CVE-2023-23435

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Dec 29, 2023
Updated: Jan 4, 2024
CWE ID 347

Summary

CVE-2023-23435 is a signature management vulnerability affecting certain Honor products. This vulnerability could potentially allow an attacker to overwrite the correct system file with a forged one. The base severity of this vulnerability is rated as HIGH, with a base score of 7.1. The exploitability score is 1.8, indicating that it is relatively easy to exploit. The impact score is 5.2, suggesting that the vulnerability has a significant impact on integrity. The attack vector is local, and the privileges required are low, meaning that an attacker does not need extensive privileges to exploit this vulnerability. There is no user interaction required for exploitation. The potential danger posed by this vulnerability includes the possibility of unauthorized access or modification of system files, which can lead to system compromise or disruption. It is important for organizations using affected Honor products to apply appropriate remediation measures promptly to mitigate the risk posed by this vulnerability and ensure the security of their systems and data.

Note: The provided information does not include specific instructions on how to remediate the vulnerability as it was not available in the given text.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-23435 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options