CVE-2023-6321
CVSS V2 None
CVSS V3 None
Description
A command injection vulnerability exists in the IOCTL that manages OTA updates. A specially crafted command can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability.
Overview
- CVE ID
- CVE-2023-6321
- Assigner
- Bitdefender
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-05-15T12:07:44.554Z
- Last Modified Date
- 2024-06-06T13:04:03.509Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/ |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-6321 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6321 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-06-25 06:02:57 | Added to TrackCVE |