11 matches found
CVE-2023-25645
There is a permission and access control vulnerability in some ZTE AndroidTV STBs. Due to improper permission settings, non-privileged application can perform functions that are protected with signature/privilege-level permissions. Exploitation of this vulnerability could clear personal data and...
EUVD-2023-29584
Malicious code in bioql PyPI...
CVE-2025-8192 Race condition in AndroidTV TvSettings
There exists a TOCTOU race condition in TvSettings AppRestrictionsFragment.java that lead to start of attacker supplied activity in Settings’ context, i.e. system-uid context, thus lead to launchAnyWhere. The core idea is to utilize the time window between the check of Intent and the use to Inten...
CVE-2025-8192
CVE-2025-8192 = TOCTOU race in TvSettings AppRestrictionsFragment.java on Android TV that allows starting an attacker supplied activity within the Settings context (system-uid), potentially enabling launchAnyWhere. Exploitation is local with low privileges and no user interaction, exploiting a wi...
CVE-2025-8192 Race condition in AndroidTV TvSettings
There exists a TOCTOU race condition in TvSettings AppRestrictionsFragment.java that lead to start of attacker supplied activity in Settings’ context, i.e. system-uid context, thus lead to launchAnyWhere. The core idea is to utilize the time window between the check of Intent and the use to Inten...
CVE-2023-25645
There is a permission and access control vulnerability in some ZTE AndroidTV STBs. Due to improper permission settings, non-privileged application can perform functions that are protected with signature/privilege-level permissions. Exploitation of this vulnerability could clear personal data and...
Design/Logic Flaw
There is a permission and access control vulnerability in some ZTE AndroidTV STBs. Due to improper permission settings, non-privileged application can perform functions that are protected with signature/privilege-level permissions. Exploitation of this vulnerability could clear personal data and...
CVE-2023-25645
CVE-2023-25645 describes a permission and access-control vulnerability in ZTE AndroidTV STBs. The root cause is improper permission settings that allow non-privileged applications to perform functions protected by signature/privilege-level permissions. The documented impact is that exploitation c...
PT-2023-20206 · Zte · Zte Androidtv Stbs
Name of the Vulnerable Software and Affected Versions: ZTE AndroidTV STBs affected versions not specified Description: The issue is related to improper permission settings, allowing non-privileged applications to perform protected functions. This could lead to the clearance of personal data and...
CVE-2023-25645
There is a permission and access control vulnerability in some ZTE AndroidTV STBs. Due to improper permission settings, non-privileged application can perform functions that are protected with signature/privilege-level permissions. Exploitation of this vulnerability could clear personal data and...
CVE-2023-25645
There is a permission and access control vulnerability in some ZTE AndroidTV STBs. Due to improper permission settings, non-privileged application can perform functions that are protected with signature/privilege-level permissions. Exploitation of this vulnerability could clear personal data and...