CVE-2023-38293

Name of the Vulnerable Software and Affected Versions Nokia C200 versions with software build fingerprints Nokia/Drake 02US/DRK:12/SP1A.210812.016/02US 1 080:user/release-keys and Nokia/Drake 02US/DRK:12/SP1A.210812.016/02US 1 040:user/release-keys Nokia C100 versions with software build fingerprints Nokia/DrakeLite 02US/DKT:12/SP1A.210812.016/02US 1 270:user/release-keys, Nokia/DrakeLite 02US/DKT:12/SP1A.210812.016/02US 1 190:user/release-keys, Nokia/DrakeLite 02US/DKT:12/SP1A.210812.016/02US 1 130:user/release-keys, Nokia/DrakeLite 02US/DKT:12/SP1A.210812.016/02US 1 110:user/release-keys, Nokia/DrakeLite 02US/DKT:12/SP1A.210812.016/02US 1 080:user/release-keys, and Nokia/DrakeLite 02US/DKT:12/SP1A.210812.016/02US 1 050:user/release-keys com.tracfone.tfstatus versionCode '31', versionName '12'

Description The issue is related to a pre-installed app with the package name com.tracfone.tfstatus, which allows local third-party apps to execute arbitrary AT commands in its context due to inadequate access control and inadequate input filtering. No permissions or special privileges are necessary to exploit this issue, and no user interaction is required beyond installing and running a third-party app. The app sends a broadcast Intent to the receiver component named com.tracfone.tfstatus/.TFStatus, which extracts a string from the Intent and uses it as an input to execute an AT command. There are two different injection techniques to successfully inject arbitrary AT commands.

Recommendations For Nokia C200 with software build fingerprints Nokia/Drake 02US/DRK:12/SP1A.210812.016/02US 1 080:user/release-keys and Nokia/Drake 02US/DRK:12/SP1A.210812.016/02US 1 040:user/release-keys, consider disabling the com.tracfone.tfstatus app until a patch is available. For Nokia C100 with software build fingerprints Nokia/DrakeLite 02US/DKT:12/SP1A.210812.016/02US 1 270:user/release-keys, Nokia/DrakeLite 02US/DKT:12/SP1A.210812.016/02US 1 190:user/release-keys, Nokia/DrakeLite 02US/DKT:12/SP1A.210812.016/02US 1 130:user/release-keys, Nokia/DrakeLite 02US/DKT:12/SP1A.210812.016/02US 1 110:user/release-keys, Nokia/DrakeLite 02US/DKT:12/SP1A.210812.016/02US 1 080:user/release-keys, and Nokia/DrakeLite 02US/DKT:12/SP1A.210812.016/02US 1 050:user/release-keys, consider disabling the com.tracfone.tfstatus app until a patch is available. For com.tracfone.tfstatus versionCode '31', versionName '12', restrict access to the app until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.