PT-2023-27557 · Unisoc (Shanghai) Technologies Co.+1 · T760/T770/T820/S8000+1

Publicado

2023-10-07

Atualizado

2023-10-11

CVE-2023-40636

CVSS v3.1

4.4

Média

Vetor

AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Telecom service (affected versions not specified)

Description The issue is related to a missing permission check in the telecom service, which could allow writing permission usage records of an app. This might lead to local information disclosure, requiring System execution privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Missing Authorization

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-862

Identificadores relacionados

CVE-2023-40636

Produtos afetados

T760/T770/T820/S8000

Android

PT-2023-27557 · Unisoc (Shanghai) Technologies Co.+1 · T760/T770/T820/S8000+1

CVE-2023-40636

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7