CVE-2023-41780: Unsafe DLL Loading Vulnerability in ZTE ZXCLOUD iRAI
First published: Wed Jan 03 2024(Updated: )
There is an unsafe DLL loading vulnerability in ZTE ZXCLOUD iRAI. Due to the program failed to adequately validate the user's input, an attacker could exploit this vulnerability to escalate local privileges.
Credit: psirt@zte.com.cn
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ZTE ZXCloud iRAI | <7.23.32 | |
| ZTE ZXCloud iRAI |
Remedy
7.23.32
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-41780?
CVE-2023-41780 has been classified with a critical severity level due to its potential for local privilege escalation.
How do I fix CVE-2023-41780?
To fix CVE-2023-41780, update ZTE ZXCLOUD iRAI to a version above 7.23.32 or apply any vendor-provided patches.
What type of vulnerability is CVE-2023-41780?
CVE-2023-41780 is categorized as an unsafe DLL loading vulnerability which can be exploited by attackers.
Who is affected by CVE-2023-41780?
Users of ZTE ZXCLOUD iRAI versions up to 7.23.32 are vulnerable to CVE-2023-41780.
Can CVE-2023-41780 be exploited remotely?
No, CVE-2023-41780 requires local access for an attacker to exploit the unsafe DLL loading vulnerability.
- agent/type
- agent/first-publish-date
- agent/references
- agent/remedy
- agent/weakness
- agent/author
- agent/severity
- agent/title
- agent/event
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/source
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/zte
- canonical/zte zxcloud irai