CVE-2023-33070
published 2023-12-05CVE-2023-33070: Transient DOS in Automotive OS due to improper authentication to the secure IO calls.
PriorityP421medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
EPSS
0.14%
3.8th percentile
Transient DOS in Automotive OS due to improper authentication to the secure IO calls.
Affected
103 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-9cq4-qvx2-f3hh: Transient DOS in Automotive OS due to improper authentication to the secure IO calls
ghsa_unreviewed·2023-12-05
CVE-2023-33070 [HIGH] CWE-287 GHSA-9cq4-qvx2-f3hh: Transient DOS in Automotive OS due to improper authentication to the secure IO calls
Transient DOS in Automotive OS due to improper authentication to the secure IO calls.
OSV
sudo vulnerabilities
osv·2023-01-18·CVSS 5.5
CVE-2023-22809 sudo vulnerabilities
sudo vulnerabilities
Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly
handled user-specified editors when using the sudoedit command. A local
attacker that has permission to use the sudoedit command could possibly use
this issue to edit arbitrary files. (CVE-2023-22809)
It was discovered that the Protobuf-c library, used by Sudo, incorrectly
handled certain arithmetic shifts. An attacker could possibly use this
issue to cause Sudo to crash, resulting in a denial of service. This issue
only affected Ubuntu 22.04 LTS. (CVE-2022-33070)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-12-05
Published