CVE-2023-32871
MEDIUMDescription
In DA, there is a possible permission bypass due to an incorrect status check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08355514; Issue ID: ALPS08355514.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| linuxfoundation | yocto |
| linuxfoundation | yocto |
| rdkcentral | rdk-b |
| android | |
| android | |
| android | |
| android | |
| openwrt | openwrt |
| openwrt | openwrt |
| mediatek | mt2737 |
| mediatek | mt6739 |
| mediatek | mt6761 |
| mediatek | mt6765 |
| mediatek | mt6768 |
| mediatek | mt6771 |
| mediatek | mt6779 |
| mediatek | mt6781 |
| mediatek | mt6785 |
| mediatek | mt6789 |
| mediatek | mt6833 |
| mediatek | mt6835 |
| mediatek | mt6853 |
| mediatek | mt6853t |
| mediatek | mt6855 |
| mediatek | mt6873 |
| mediatek | mt6877 |
| mediatek | mt6879 |
| mediatek | mt6880 |
| mediatek | mt6883 |
| mediatek | mt6885 |
| mediatek | mt6886 |
| mediatek | mt6889 |
| mediatek | mt6890 |
| mediatek | mt6893 |
| mediatek | mt6895 |
| mediatek | mt6897 |
| mediatek | mt6980 |
| mediatek | mt6983 |
| mediatek | mt6985 |
| mediatek | mt6989 |
| mediatek | mt6990 |
| mediatek | mt8167 |
| mediatek | mt8167s |
| mediatek | mt8168 |
| mediatek | mt8173 |
| mediatek | mt8175 |
| mediatek | mt8185 |
| mediatek | mt8188 |
| mediatek | mt8195 |
| mediatek | mt8321 |
| mediatek | mt8362a |
| mediatek | mt8365 |
| mediatek | mt8385 |
| mediatek | mt8390 |
| mediatek | mt8395 |
| mediatek | mt8755 |
| mediatek | mt8765 |
| mediatek | mt8766 |
| mediatek | mt8768 |
| mediatek | mt8775 |
| mediatek | mt8781 |
| mediatek | mt8786 |
| mediatek | mt8788 |
| mediatek | mt8789 |
| mediatek | mt8791 |
| mediatek | mt8791t |
| mediatek | mt8797 |
| mediatek | mt8798 |
References
Frequently Asked Questions
What is CVE-2023-32871? +
How severe is CVE-2023-32871? +
What products are affected by CVE-2023-32871? +
How do I check if I'm vulnerable to CVE-2023-32871? +
Related Vulnerabilities
Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC) ServerAuthContext …
picklescan before 0.0.27 contains a parsing logic error in the _list_globals function when handling STACK_GLOBAL opcodes, failing to track arguments …
A vulnerability in the Broadband Network Gateway PPP over Ethernet (PPPoE) feature of Cisco IOS XR Software could allow an unauthenticated, …
Envoy is a cloud-native, open source edge and service proxy. A theoretical request smuggling vulnerability exists through Envoy if a …
CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. Prior to 1.29.1 and 1.28.3, the CloudNativePG metrics …
containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a vulnerability in the CRI checkpoint …