ghsa-32xp-f3ph-fppf
Vulnerability from github
Published
2023-09-14 18:32
Modified
2024-04-04 07:40
Severity
Details
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile module of the affected application uses weak outdated application signing mechanism. This could allow an attacker to tamper the application code.
{ "affected": [], "aliases": [ "CVE-2023-40727" ], "database_specific": { "cwe_ids": [ "CWE-347" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2023-09-12T10:15:29Z", "severity": "HIGH" }, "details": "A vulnerability has been identified in QMS Automotive (All versions \u003c V12.39). The QMS.Mobile module of the affected application uses weak outdated application signing mechanism. This could allow an attacker to tamper the application code.", "id": "GHSA-32xp-f3ph-fppf", "modified": "2024-04-04T07:40:31Z", "published": "2023-09-14T18:32:40Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40727" }, { "type": "WEB", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-147266.pdf" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ] }
Loading...