CVE-2023-32871

In DA, there is a possible permission bypass due to an incorrect status check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08355514; Issue ID: ALPS08355514.

Published: May 6, 2024
Updated: May 7, 2024
CVE: CVE-2023-32871
Exploit:

No technical information available.

CWEs:

CWE-754

Affected Software
References

Software	From	Fixed in
linuxfoundation / yocto	3.3	3.3.x
linuxfoundation / yocto	4.0	4.0.x
rdkcentral / rdk-b	2022q3	2022q3.x
google / android	12.0	12.0.x
google / android	13.0	13.0.x
google / android	14.0	14.0.x
google / android	15.0	15.0.x
openwrt / openwrt	19.07.0	19.07.0.x
openwrt / openwrt	21.02.0	21.02.0.x

https://corp.mediatek.com/product-security-bulletin/May-2024

Vulnerability Database

289,697

CVE-2023-32871