CVE-2023-46870

{"id": "CVE-2023-46870", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.3}]}, "published": "2024-05-14T13:54:34.163", "references": [{"url": "https://github.com/Chapoly1305/CVE-2023-46870", "source": "cve@mitre.org"}, {"url": "https://github.com/Chapoly1305/CVE-2023-46870", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-276"}]}], "descriptions": [{"lang": "en", "value": "extcap/nrf_sniffer_ble.py, extcap/nrf_sniffer_ble.sh, extcap/SnifferAPI/*.py in Nordic Semiconductor nRF Sniffer for Bluetooth LE 3.0.0, 3.1.0, 4.0.0, 4.1.0, and 4.1.1 have set incorrect file permission, which allows attackers to do code execution via modified bash and python scripts."}, {"lang": "es", "value": "extcap/nrf_sniffer_ble.py, extcap/nrf_sniffer_ble.sh, extcap/SnifferAPI/*.py en Nordic Semiconductor nRF Sniffer para Bluetooth LE 3.0.0, 3.1.0, 4.0.0, 4.1.0 y 4.1.1 tienen una configuraci\u00f3n incorrecta permiso de archivo, que permite a los atacantes ejecutar c\u00f3digo a trav\u00e9s de scripts bash y python modificados."}], "lastModified": "2024-11-21T08:29:27.497", "sourceIdentifier": "cve@mitre.org"}