1. Home
  2. CVE Database
  3. CVE-2023-41960
HIGH · 7.1

CVE-2023-41960

The vulnerability allows an unprivileged(untrusted) third-party application to interact with a content-provider unsafely exposed by the Android Agent application, potentially modifying sensitive setti...

Vulnerability Description

The vulnerability allows an unprivileged(untrusted) third-party application to interact with a content-provider unsafely exposed by the Android Agent application, potentially modifying sensitive settings of the Android Client application itself.

CVSS Score

7.1

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
BoschrexrothCtrlx Hmi Web Panel Wr2107 FirmwareAll versions
BoschrexrothCtrlx Hmi Web Panel Wr2107-
BoschrexrothCtrlx Hmi Web Panel Wr2110 FirmwareAll versions
BoschrexrothCtrlx Hmi Web Panel Wr2110-
BoschrexrothCtrlx Hmi Web Panel Wr2115 FirmwareAll versions
BoschrexrothCtrlx Hmi Web Panel Wr2115-

Related Weaknesses (CWE)

CWE-926

References

FAQ

What is CVE-2023-41960?

CVE-2023-41960 is a vulnerability with a CVSS score of 7.1 (HIGH). The vulnerability allows an unprivileged(untrusted) third-party application to interact with a content-provider unsafely exposed by the Android Agent application, potentially modifying sensitive setti...

How severe is CVE-2023-41960?

CVE-2023-41960 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-41960?

Check the references section above for vendor advisories and patch information. Affected products include: Boschrexroth Ctrlx Hmi Web Panel Wr2107 Firmware, Boschrexroth Ctrlx Hmi Web Panel Wr2107, Boschrexroth Ctrlx Hmi Web Panel Wr2110 Firmware, Boschrexroth Ctrlx Hmi Web Panel Wr2110, Boschrexroth Ctrlx Hmi Web Panel Wr2115 Firmware.