6 matches found
CVE-2023-38296
Various software builds for the following TCL 30Z and TCL A3X devices leak the ICCID to a system property that can be accessed by any local app on the device without any permissions or special privileges. Google restricted third-party apps from directly obtaining non-resettable device identifiers...
CVE-2023-38296
Various software builds for the following TCL 30Z and TCL A3X devices leak the ICCID to a system property that can be accessed by any local app on the device without any permissions or special privileges. Google restricted third-party apps from directly obtaining non-resettable device identifiers...
CVE-2023-38291
An issue was discovered in a third-party component related to ro.boot.wifimacaddr, shipped on devices from multiple device manufacturers. Various software builds for the following TCL devices 30Z and 10L and Motorola devices Moto G Pure and Moto G Power leak the Wi-Fi MAC address to a system...
PT-2024-12701 · Tcl · Tcl A3X +1
Name of the Vulnerable Software and Affected Versions: TCL 30Z versions TCL/4188R/Jetta ATT:12/SP1A.210812.016/LV8E:user/release-keys through TCL/T602DL/Jetta TF:12/SP1A.210812.016/vU6X:user/release-keys TCL A3X versions TCL/A600DL/Delhi TF:11/RKQ1.201202.002/vAAZ:user/release-keys through...
CVE-2023-38296
Various software builds for the following TCL 30Z and TCL A3X devices leak the ICCID to a system property that can be accessed by any local app on the device without any permissions or special privileges. Google restricted third-party apps from directly obtaining non-resettable device identifiers...
CVE-2023-38296
CVE-2023-38296 affects TCL 30Z and TCL A3X devices, where the ICCID is leaked to a system property (persist.sys.tctPowerIccid) accessible by any local app without permissions. The issue arises because a high-privilege process exposes the non-resettable device identifier indirectly. Affected build...