Magic Ui
CVE-2023-23441
MEDIUM
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
Some Honor products are affected by out of bounds read vulnerability, successful exploitation could cause information leak.
AnalysisAI
Some Honor products are affected by out of bounds read vulnerability, successful exploitation could cause information leak. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Out-of-bounds Read (CWE-125), which allows attackers to read data from memory outside the intended buffer boundaries. Some Honor products are affected by out of bounds read vulnerability, successful exploitation could cause information leak. Affected products include: Hihonor Magic Ui.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate array indices and buffer lengths. Use memory-safe languages. Enable AddressSanitizer during testing.
Double free vulnerability in the storage module. Rated critical severity (CVSS 9.8), this vulnerability is remotely expl
The iAware module has a vulnerability in managing malicious apps.Successful exploitation of this vulnerability will caus
The AOD module has a vulnerability in permission assignment. Rated critical severity (CVSS 9.8), this vulnerability is r
The SystemUI module has a privilege escalation vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is
The Wi-Fi module has an event notification vulnerability.Successful exploitation of this vulnerability may allow third-p
There is a Heap-based buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability m
There is an UAF vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to
There is a Parameter injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may caus
There is a Memory out-of-bounds access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability
There is a vulnerability of tampering with the kernel in Huawei Smartphone.Successful exploitation of this vulnerability
There is a Kernel crash vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may escalate pe
There is a vulnerability of tampering with the kernel in Huawei Smartphone.Successful exploitation of this vulnerability
Same weakness CWE-125 – Out-of-bounds Read
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today