MS Windows Device Administration Permission Bypass Local Priv Escalation
CVE-2023-32871 Published on May 6, 2024
In DA, there is a possible permission bypass due to an incorrect status check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08355514; Issue ID: ALPS08355514.
Vulnerability Analysis
CVE-2023-32871 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be low. considered to have a small impact on confidentiality and integrity and availability.
Weakness Type
Unchecked Error Condition
[PLANNED FOR DEPRECATION. SEE MAINTENANCE NOTES AND CONSIDER CWE-252, CWE-248, OR CWE-1069.] Ignoring exceptions and other error conditions may allow an attacker to induce unexpected behavior unnoticed.
Products Associated with CVE-2023-32871
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-32871 are published in these products:
Affected Versions
MediaTek, Inc. MT2737, MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6893, MT6895, MT6897, MT6980, MT6983, MT6985, MT6989, MT6990, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8188, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8390, MT8395, MT8755, MT8765, MT8766, MT8768, MT8775, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798:- Version Android 11.0, 12.0, 13.0, 14.0 / OpenWrt 19.07, 21.02 / Yocto 3.3, 4.0 / RDK-B 22Q3 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
- Version android_11.0, <= android_14.0 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.