PT-2022-10943 · Google · Android

Published

2022-02-11

Updated

2023-03-01

CVE-2021-39658

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Android SoC versions (affected versions not specified)

Description The ismsEx service, an extension of the SMS system service in Unisoc equipment, fails to check the permissions of the caller, resulting in permission leaks. This allows third-party apps to arbitrarily modify and set system properties.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-276

Related Identifiers

CVE-2021-39658

Affected Products

Android

PT-2022-10943 · Google · Android

CVE-2021-39658

Weakness Enumeration

Related Identifiers

Affected Products

References · 3