Lucene search
HistoryMay 06, 2024 - 3:15 a.m.
CVE-2023-32871
permission bypass
local escalation
user interaction
patch id
issue id
nvd
In DA, there is a possible permission bypass due to an incorrect status check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08355514; Issue ID: ALPS08355514.
Affected configurations
Node
googleandroidRange<11.0
ORgoogleandroidRange<12.0
ORgoogleandroidRange<13.0
ORgoogleandroidRange<14.0
mediatekmt2737
ORmediatekmt6739
ORmediatekmt6761
ORmediatekmt6765
ORmediatekmt6768
ORmediatekmt6771
ORmediatekmt6779
ORmediatekmt6781
ORmediatekmt6785
ORmediatekmt6789
ORmediatekmt6833
ORmediatekmt6835
ORmediatekmt6853
ORmediatekmt6853t
ORmediatekmt6855
ORmediatekmt6873
ORmediatekmt6877
ORmediatekmt6879
ORmediatekmt6880
ORmediatekmt6883
ORmediatekmt6885
ORmediatekmt6886
ORmediatekmt6889
ORmediatekmt6890
ORmediatekmt6893
ORmediatekmt6895
ORmediatekmt6897
ORmediatekmt6980
ORmediatekmt6983
ORmediatekmt6985
ORmediatekmt6989
ORmediatekmt6990
ORmediatekmt8167
ORmediatekmt8167s
ORmediatekmt8168
ORmediatekmt8173
ORmediatekmt8175
ORmediatekmt8185
ORmediatekmt8188
ORmediatekmt8195
ORmediatekmt8321
ORmediatekmt8362a
ORmediatekmt8365
ORmediatekmt8385
ORmediatekmt8390
ORmediatekmt8395
ORmediatekmt8755
ORmediatekmt8765
ORmediatekmt8766
ORmediatekmt8768
ORmediatekmt8775
ORmediatekmt8781
ORmediatekmt8786
ORmediatekmt8788
ORmediatekmt8789
ORmediatekmt8791
ORmediatekmt8791t
ORmediatekmt8797
ORmediatekmt8798
| Vendor | Product | Version | CPE |
|---|---|---|---|
| android | * | cpe:2.3:o:google:android:*:*:*:*:*:*:*:* | |
| android | * | cpe:2.3:o:google:android:*:*:*:*:*:*:*:* | |
| android | * | cpe:2.3:o:google:android:*:*:*:*:*:*:*:* | |
| android | * | cpe:2.3:o:google:android:*:*:*:*:*:*:*:* | |
| mediatek | mt2737 | * | cpe:2.3:h:mediatek:mt2737:*:*:*:*:*:*:*:* |
| mediatek | mt6739 | * | cpe:2.3:h:mediatek:mt6739:*:*:*:*:*:*:*:* |
| mediatek | mt6761 | * | cpe:2.3:h:mediatek:mt6761:*:*:*:*:*:*:*:* |
| mediatek | mt6765 | * | cpe:2.3:h:mediatek:mt6765:*:*:*:*:*:*:*:* |
| mediatek | mt6768 | * | cpe:2.3:h:mediatek:mt6768:*:*:*:*:*:*:*:* |
| mediatek | mt6771 | * | cpe:2.3:h:mediatek:mt6771:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "MediaTek, Inc.",
"product": "MT2737, MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6893, MT6895, MT6897, MT6980, MT6983, MT6985, MT6989, MT6990, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8390, MT8395, MT8755, MT8765, MT8766, MT8768, MT8775, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798",
"versions": [
{
"version": "Android 11.0, 12.0, 13.0, 14.0 / OpenWrt 19.07, 21.02 / Yocto 3.3, 4.0 / RDK-B 22Q3",
"status": "affected"
}
]
}
]Social References
More
Related
nvd
nvd
CVE-2023-32871
2024-05-06 03:15:09
vulnrichment
vulnrichment
CVE-2023-32871
2024-05-06 02:51:52
cvelist
cvelist
CVE-2023-32871
2024-05-06 02:51:52