CVE-2023-40728

HIGH Year: 2023
CVSS v3 Score
7.8
High
Weakness Type
CWE-922
View all →

Vulnerability Description

A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile module of the affected application stores sensitive application data in an external insecure storage. This could allow an attacker to alter content, leading to arbitrary code execution or denial-of-service condition.

Related Vulnerabilities

CVE-2022-43475

HIGH
CVSS:7.8(High)

Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

CWE-9222022

CVE-2022-44619

HIGH
CVSS:7.8(High)

Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

CWE-9222022

CVE-2023-29755

HIGH
CVSS:7.8(High)

An issue found in Twilight v.13.3 for Android allows unauthorized apps to cause escalation of privilege attacks by manipulating the SharedPreference files.

CWE-9222023

CVE-2023-29757

HIGH
CVSS:7.8(High)

An issue found in Blue Light Filter v.1.5.5 for Android allows unauthorized apps to cause escalation of privilege attacks by manipulating the SharedPreference files.

CWE-9222023

CVE-2023-32184

HIGH
CVSS:7.8(High)

A Insecure Storage of Sensitive Information vulnerability in openSUSE opensuse-welcome allows local attackers to execute code as the user that runs opensuse-welcome if a custom layout is chosen This i...

CWE-9222023