CVE-2023-41780

Description

There is an unsafe DLL loading vulnerability in ZTE ZXCLOUD iRAI. Due to the program failed to adequately validate the user's input, an attacker could exploit this vulnerability to escalate local privileges.

CVSS Version 3.1

nvd
CVE ID: CVE-2023-41780
Base Score: 7.8
Base Severity: HIGH
Vector String:CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 1.8

zte.com
CVE ID: CVE-2023-41780
Base Score: 6.4
Base Severity: MEDIUM
Vector String:CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 0.5

Refrence: NVD MITRE

Description​

Description