CVE-2023-20942

MEDIUM Year: 2023
CVSS v3 Score
5.5
Medium
Weakness Type
CWE-326
View all →

Vulnerability Description

In openMmapStream of AudioFlinger.cpp, there is a possible way to record audio without displaying the microphone privacy indicator due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Related Vulnerabilities

CVE-2002-1682

MEDIUM
CVSS:5.5(Medium)

NewsReactor 1.0 uses a weak encryption scheme, which could allow local users to decrypt the passwords and gain access to other users' newsgroup accounts.

CWE-3262002

CVE-2002-1739

MEDIUM
CVSS:5.5(Medium)

Alt-N Technologies Mdaemon 5.0 through 5.0.6 uses a weak encryption algorithm to store user passwords, which allows local users to crack passwords.

CWE-3262002

CVE-2002-1946

MEDIUM
CVSS:5.5(Medium)

Videsh Sanchar Nigam Limited (VSNL) Integrated Dialer Software 1.2.000, when the "Save Password" option is used, stores the password with a weak encryption scheme (one-to-one mapping) in a registry ke...

CWE-3262002

CVE-2002-1975

MEDIUM
CVSS:5.5(Medium)

Sharp Zaurus PDA SL-5000D and SL-5500 uses a salt of "A0" to encrypt the screen-locking password as stored in the Security.conf file, which makes it easier for local users to guess the password via br...

CWE-3262002

CVE-2018-1518

MEDIUM
CVSS:5.5(Medium)

IBM InfoSphere Information Server 11.7 is affected by a weak password encryption vulnerability that could allow a local user to obtain highly sensitive information. IBM X-Force ID: 141682.

CWE-3262018

CVE-2020-10375

MEDIUM
CVSS:5.5(Medium)

An issue was discovered in New Media Smarty before 9.10. Passwords are stored in the database in an obfuscated format that can be easily reversed. The file data.mdb contains these obfuscated passwords...

CWE-3262020