CVE-2023-42645

2023-11-0109:08:12

Unisoc

www.cve.org

sim service

permission usage

local information disclosure

5.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

In sim service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "T760/T770/T820/S8000",
    "versions": [
      {
        "version": "Android11",
        "status": "affected"
      }
    ],
    "vendor": "Unisoc (Shanghai) Technologies Co., Ltd."
  }
]