CVE-2023-42531

CVSS v3.1

7.1

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Name of the Vulnerable Software and Affected Versions SmsController versions prior to SMR Nov-2023 Release1

Description The issue is related to improper access control in the SmsController, allowing local attackers to bypass restrictions on starting activities from the background.

Recommendations For versions prior to SMR Nov-2023 Release1, update to the SMR Nov-2023 Release1 or later to resolve the issue.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2023-42531

Affected Products

Smscontroller

CVE-2023-42531

Weakness Enumeration

Related Identifiers

Affected Products

References · 5