NVD disclosure day

Published threat advisories for September 11, 2023

CVE advisoryKnown Exploit

CVE-2023-35674

Android Local Privilege Escalation Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A logic error in Android's window management allows local privilege escalation without user interaction. This impacts affected systems and data integrity by enabling unauthorized privilege increases. Organizations should identify and mitigate the risk to these systems.

NVD published: • CISA KEV
CVE advisoryKnown Exploit

CVE-2023-39780

ASUS RT-AX55 Router Command Injection Vulnerability

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

Certain ASUS RT-AX55 devices are vulnerable to OS command injection, allowing authenticated attackers to execute commands. This could lead to unauthorized access and control of affected devices, impacting network operations and data integrity. The risk is significant due to the potential for widespread compromise.

NVD published: • CISA KEV