CVE-2023-41784

Permissions and Access Control Vulnerability in ZTE Red Magic 8 Pro

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034444	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:zte:redmagic_8_pro_firmware:gen_cn_nx729jv1.0.0b21mr:*:*:*:*:*:*:*

cpe:2.3:h:zte:redmagic_8_pro:-:*:*:*:*:*:*:*

History

28 Feb 2024, 17:46

Type	Values Removed	Values Added
CPE	cpe:2.3:o:zte:red_magic_8_pro_firmware:gen_cn_nx729jv1.0.0b21mr:::::::* cpe:2.3:h:zte:red_magic_8_pro:-:::::::*	cpe:2.3:o:zte:redmagic_8_pro_firmware:gen_cn_nx729jv1.0.0b21mr:::::::* cpe:2.3:h:zte:redmagic_8_pro:-:::::::*
First Time		Zte redmagic 8 Pro Firmware Zte redmagic 8 Pro

10 Jan 2024, 16:42

Type	Values Removed	Values Added
References	~~() https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034444 -~~	() https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034444 - Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~6.6~~	v2 : unknown v3 : 5.5
CPE		cpe:2.3:o:zte:red_magic_8_pro_firmware:gen_cn_nx729jv1.0.0b21mr:::::::* cpe:2.3:h:zte:red_magic_8_pro:-:::::::*
First Time		Zte Zte red Magic 8 Pro Firmware Zte red Magic 8 Pro
CWE		NVD-CWE-Other

Information

Published : 2024-01-04 08:15

Updated : 2024-02-28 17:46

NVD link : CVE-2023-41784

Mitre link : CVE-2023-41784

CVE.ORG link : CVE-2023-41784

JSON object : View

Products Affected

zte

redmagic_8_pro_firmware
redmagic_8_pro

CWE

NVD-CWE-Other CWE-269

Improper Privilege Management

5.5 /10