CVE-2023-41780 (GCVE-0-2023-41780)

Vulnerability from cvelistv5 – Published: 2024-01-03 01:52 – Updated: 2024-09-06 17:48
VLAI?
Title
Unsafe DLL Loading Vulnerability in ZTE ZXCLOUD iRAI
Summary
There is an unsafe DLL loading vulnerability in ZTE ZXCLOUD iRAI. Due to the  program  failed to adequately validate the user's input, an attacker could exploit this vulnerability  to escalate local privileges.
Severity ?
6.4 (Medium)
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
zte
References
Impacted products
Vendor Product Version
ZTE ZXCLOUD iRAI Affected: All versions up to 7.23.23 , ≤ 7.23.23 (custom)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T19:09:48.247Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034404"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:zte:zxcloud_irai_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "zxcloud_irai_firmware",
            "vendor": "zte",
            "versions": [
              {
                "lessThan": "7.23.23",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-41780",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-08T20:33:26.874082Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-06T17:48:21.970Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows"
          ],
          "product": "ZXCLOUD iRAI",
          "vendor": "ZTE",
          "versions": [
            {
              "lessThanOrEqual": "7.23.23",
              "status": "affected",
              "version": "All versions up to 7.23.23",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThere is an unsafe DLL loading vulnerability in ZTE ZXCLOUD iRAI. Due to the \u0026nbsp;program \u0026nbsp;failed to adequately validate the user\u0027s input, an attacker could exploit this vulnerability \u0026nbsp;to escalate local privileges.\u003c/p\u003e\u003cbr\u003e"
            }
          ],
          "value": "There is an unsafe DLL loading vulnerability in ZTE ZXCLOUD iRAI. Due to the \u00a0program \u00a0failed to adequately validate the user\u0027s input, an attacker could exploit this vulnerability \u00a0to escalate local privileges.\n\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-1",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-03T01:57:56.978Z",
        "orgId": "6786b568-6808-4982-b61f-398b0d9679eb",
        "shortName": "zte"
      },
      "references": [
        {
          "url": "https://https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034404"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "7.23.32"
            }
          ],
          "value": "7.23.32"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Unsafe DLL Loading Vulnerability in ZTE ZXCLOUD iRAI",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb",
    "assignerShortName": "zte",
    "cveId": "CVE-2023-41780",
    "datePublished": "2024-01-03T01:52:10.749Z",
    "dateReserved": "2023-09-01T09:02:00.657Z",
    "dateUpdated": "2024-09-06T17:48:21.970Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:zte:zxcloud_irai_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.23.32\", \"matchCriteriaId\": \"FC0DCC6B-32B8-4C28-BDAF-37604BA1ABFC\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:zte:zxcloud_irai:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D48BE8C-7C78-41D7-87F1-22BFB91E3A5C\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"There is an unsafe DLL loading vulnerability in ZTE ZXCLOUD iRAI. Due to the \\u00a0program \\u00a0failed to adequately validate the user\u0027s input, an attacker could exploit this vulnerability \\u00a0to escalate local privileges.\\n\\n\\n\"}, {\"lang\": \"es\", \"value\": \"Existe una vulnerabilidad de carga de DLL insegura en ZTE ZXCLOUD iRAI. Debido a que el programa no pudo validar adecuadamente la entrada del usuario, un atacante podr\\u00eda aprovechar esta vulnerabilidad para escalar los privilegios locales.\"}]",
      "id": "CVE-2023-41780",
      "lastModified": "2024-11-21T08:21:40.320",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"psirt@zte.com.cn\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 6.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.5, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}]}",
      "published": "2024-01-03T02:15:43.403",
      "references": "[{\"url\": \"https://https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034404\", \"source\": \"psirt@zte.com.cn\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"https://https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034404\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "psirt@zte.com.cn",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"psirt@zte.com.cn\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-22\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-427\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-41780\",\"sourceIdentifier\":\"psirt@zte.com.cn\",\"published\":\"2024-01-03T02:15:43.403\",\"lastModified\":\"2025-01-28T15:36:03.663\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"There is an unsafe DLL loading vulnerability in ZTE ZXCLOUD iRAI. Due to the \u00a0program \u00a0failed to adequately validate the user\u0027s input, an attacker could exploit this vulnerability \u00a0to escalate local privileges.\\n\\n\\n\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad de carga de DLL insegura en ZTE ZXCLOUD iRAI. Debido a que el programa no pudo validar adecuadamente la entrada del usuario, un atacante podr\u00eda aprovechar esta vulnerabilidad para escalar los privilegios locales.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@zte.com.cn\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.5,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"psirt@zte.com.cn\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-427\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zte:zxcloud_irai:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.23.32\",\"matchCriteriaId\":\"8E5C0A67-F7F1-40F3-BC1A-0F4F67495FB0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:zte:zxcloud_irai:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96352962-7748-44B8-9490-B95202771469\"}]}]}],\"references\":[{\"url\":\"https://https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034404\",\"source\":\"psirt@zte.com.cn\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"https://https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034404\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034404\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T19:09:48.247Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-41780\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-03-08T20:33:26.874082Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:zte:zxcloud_irai_firmware:*:*:*:*:*:*:*:*\"], \"vendor\": \"zte\", \"product\": \"zxcloud_irai_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"7.23.23\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-06T17:48:16.683Z\"}}], \"cna\": {\"title\": \"Unsafe DLL Loading Vulnerability in ZTE ZXCLOUD iRAI\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"impacts\": [{\"capecId\": \"CAPEC-1\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.4, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"ZTE\", \"product\": \"ZXCLOUD iRAI\", \"versions\": [{\"status\": \"affected\", \"version\": \"All versions up to 7.23.23\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"7.23.23\"}], \"platforms\": [\"Windows\"], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"7.23.32\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"7.23.32\", \"base64\": false}]}], \"references\": [{\"url\": \"https://https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034404\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"There is an unsafe DLL loading vulnerability in ZTE ZXCLOUD iRAI. Due to the \\u00a0program \\u00a0failed to adequately validate the user\u0027s input, an attacker could exploit this vulnerability \\u00a0to escalate local privileges.\\n\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eThere is an unsafe DLL loading vulnerability in ZTE ZXCLOUD iRAI. Due to the \u0026nbsp;program \u0026nbsp;failed to adequately validate the user\u0027s input, an attacker could exploit this vulnerability \u0026nbsp;to escalate local privileges.\u003c/p\u003e\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-22\", \"description\": \"CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"6786b568-6808-4982-b61f-398b0d9679eb\", \"shortName\": \"zte\", \"dateUpdated\": \"2024-01-03T01:57:56.978Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-41780\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-06T17:48:21.970Z\", \"dateReserved\": \"2023-09-01T09:02:00.657Z\", \"assignerOrgId\": \"6786b568-6808-4982-b61f-398b0d9679eb\", \"datePublished\": \"2024-01-03T01:52:10.749Z\", \"assignerShortName\": \"zte\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.