CVE-2023-26323
CVSS 3.1 Score 7.6 of 10 (high)
Details
Summary
CVE-2023-26323 is a code execution vulnerability found in several Xiaomi App market products, including models yHRY15, yHAUUc, yHebjn, yHRY16, and yHAUUb. This vulnerability arises from unsafe configuration settings and allows attackers to execute arbitrary code with low privileges and no user interaction required. The severity of this vulnerability is rated as high, with a base score of 7.6 on the CVSS scale, indicating significant potential for integrity impact. To mitigate the risk associated with this vulnerability, organizations should apply recommended security patches provided by Xiaomi and ensure proper configuration of the affected products. If exploited, this vulnerability could enable unauthorized access to systems within an adjacent network, posing a serious threat to organizational security.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.