CVE-2023-41780

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jan 3, 2024

Updated: Jan 9, 2024

CWE ID 427

CWE ID 22

Summary

CVE-2023-41780 is a local privilege escalation vulnerability affecting ZTE ZXCLOUD iRAI. The issue arises due to the software's inadequate validation of user input, allowing an attacker to load an unsafe DLL and escalate privileges. This could potentially grant an attacker system-level access, resulting in significant security consequences. Organizations using this product are advised to apply the available patch promptly to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

ZTE Corporation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/shueN7
https://www.cve.org/CVERecord?id=CVE-2023-41780
https://nvd.nist.gov/vuln/detail/CVE-2023-41780

Back to Vulnerability Database

CVE-2023-41780

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations