CVE-2023-45594
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A CWE-552 “Files or Directories Accessible to External Parties” vulnerability in the embedded Chromium browser allows a physical attacker to arbitrarily download/upload files to/from the file system, with unspecified impacts to the confidentiality, integrity, and availability of the device. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2.
Una vulnerabilidad CWE-552 "Archivos o directorios accesibles a partes externas" en el navegador Chromium integrado permite a un atacante físico descargar/cargar archivos arbitrariamente hacia/desde el sistema de archivos, con impactos no especificados en la confidencialidad, integridad y disponibilidad del dispositivo. Este problema afecta: Paquete AiLux imx6 inferior a la versión imx6_1.0.7-2.
CVSS Scores
SSVC
- Decision:Track*
Timeline
- 2023-10-09 CVE Reserved
- 2024-03-05 CVE Published
- 2024-03-06 EPSS Updated
- 2024-08-12 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-552: Files or Directories Accessible to External Parties
CAPEC
- CAPEC-17: Using Malicious Files
References (1)
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| AiLux Search vendor "AiLux" | Imx6 Bundle Search vendor "AiLux" for product "Imx6 Bundle" | < 1.0.7-2 Search vendor "AiLux" for product "Imx6 Bundle" and version " < 1.0.7-2" | en |
Affected
| ||||||