PT-2023-15844 · Unknown · Iaware System

Published

2023-07-06

Updated

2023-07-13

CVE-2022-48518

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions iaware system (affected versions not specified)

Description The issue is related to the signature verification in the iaware system being initialized later than the time when the system broadcasts are sent. This can be exploited to cause malicious apps to start upon power-on by spoofing the package names of apps in the startup trustlist, affecting system performance.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Initialization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-701CWE-665

Related Identifiers

CVE-2022-48518

Affected Products

Iaware System

PT-2023-15844 · Unknown · Iaware System

CVE-2022-48518

Weakness Enumeration

Related Identifiers

Affected Products

References · 6