CVE-2023-38302

A certain software build for the Sharp Rouvo V device SHARP/VZWSTTM21VAPP/STTM21VAPP:12/SP1A.210812.016/1KN00530:user/release-keys leaks the Wi-Fi MAC address and the Bluetooth MAC address to system properties that can be accessed by any local app on the device without any permissions or special...

CVE-2023-38302

A certain software build for the Sharp Rouvo V device SHARP/VZWSTTM21VAPP/STTM21VAPP:12/SP1A.210812.016/1KN00530:user/release-keys leaks the Wi-Fi MAC address and the Bluetooth MAC address to system properties that can be accessed by any local app on the device without any permissions or special...

CVE-2023-38301

An issue was discovered in a third-party component related to vendor.gsm.serial, shipped on devices from multiple device manufacturers. Various software builds for the BLU View 2, Boost Mobile Celero 5G, Sharp Rouvo V, Motorola Moto G Pure, Motorola Moto G Power, T-Mobile Revvl 6 Pro 5G, and...

CVE-2023-38299

Various software builds for the AT&T Calypso, Nokia C100, Nokia C200, and BLU View 3 devices leak the device IMEI to a system property that can be accessed by any local app on the device without any permissions or special privileges. Google restricted third-party apps from directly obtaining...

CVE-2023-38300

A certain software build for the Orbic Maui device Orbic/RC545L/RC545L:10/ORB545LV1.4.2BVZPP/230106:user/release-keys leaks the IMEI and the ICCID to system properties that can be accessed by any local app on the device without any permissions or special privileges. Google restricted third-party...

CVE-2023-38302

A certain software build for the Sharp Rouvo V device SHARP/VZWSTTM21VAPP/STTM21VAPP:12/SP1A.210812.016/1KN00530:user/release-keys leaks the Wi-Fi MAC address and the Bluetooth MAC address to system properties that can be accessed by any local app on the device without any permissions or special...

CVE-2023-38296

CVE-2023-38296 affects TCL 30Z and TCL A3X devices, where the ICCID is leaked to a system property (persist.sys.tctPowerIccid) accessible by any local app without permissions. The issue arises because a high-privilege process exposes the non-resettable device identifier indirectly. Affected build...

CVE-2023-38300

CVE-2023-38300 affects the Orbic Maui device (Orbic/RC545L/RC545L:10/ORB545L_V1.4.2_BVZPP/230106:user/release-keys). A high-privilege process leaks non-resettable identifiers by exposing IMEI via persist.sys.verizon_test_plan_imei and ICCID via persist.sys.verizon_test_plan_iccid to system proper...

CVE-2023-38302

CVE-2023-38302 affects a Sharp Rouvo V device build (SHARP/VZW_STTM21VAPP/STTM21VAPP:12/SP1A.210812.016/1KN0_0_530:user/release-keys). The vulnerability arises because the device leaks the Wi‑Fi MAC address and the Bluetooth MAC address to system properties that any local app can access without p...

CVE-2023-38300

A certain software build for the Orbic Maui device Orbic/RC545L/RC545L:10/ORB545LV1.4.2BVZPP/230106:user/release-keys leaks the IMEI and the ICCID to system properties that can be accessed by any local app on the device without any permissions or special privileges. Google restricted third-party...

Cheetah Free WiFi Local Elevation of Privilege Vulnerability

Cheetah Free WiFi is a free and minimalist wireless router that allows users to instantly turn their computers into free WiFi by simply downloading and running it, thus allowing cell phones, PADs and other wireless devices to access the Internet for free. The system service installed by Cheetah...