Missing Permission checks resulting in unauthorized access and Manipulation in KeyChainActivity Application
Max CVSS
9.8
EPSS Score
0.06%
Published
2023-12-11
Updated
2023-12-13
Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue.
Max CVSS
6.3
EPSS Score
0.09%
Published
2023-12-08
Updated
2024-01-05
The vulnerability is the use of implicit PendingIntents without the PendingIntent.FLAG_IMMUTABLE set that leads to theft and/or (over-)write of arbitrary files with system privilege in the Personalized service ("com.lge.abba") app. The attacker's app, if it had access to app notifications, could intercept them and redirect them to its activity, before making it grant access permissions to content providers with the `android:grantUriPermissions="true"` flag.
Max CVSS
7.8
EPSS Score
0.05%
Published
2023-09-27
Updated
2023-10-02
The vulnerability is the use of implicit PendingIntents with the PendingIntent.FLAG_MUTABLE set that leads to theft and/or (over-)write of arbitrary files with system privilege in the Bluetooth ("com.lge.bluetoothsetting") app. The attacker's app, if it had access to app notifications, could intercept them and redirect them to its activity, before making it grant access permissions to content providers with the `android:grantUriPermissions="true"` flag.
Max CVSS
7.8
EPSS Score
0.05%
Published
2023-09-27
Updated
2023-10-02
ESPv2 is a service proxy that provides API management capabilities using Google Service Infrastructure. ESPv2 2.20.0 through 2.42.0 contains an authentication bypass vulnerability. API clients can craft a malicious `X-HTTP-Method-Override` header value to bypass JWT authentication in specific cases. ESPv2 allows malicious requests to bypass authentication if both the conditions are true: The requested HTTP method is **not** in the API service definition (OpenAPI spec or gRPC `google.api.http` proto annotations, and the specified `X-HTTP-Method-Override` is a valid HTTP method in the API service definition. ESPv2 will forward the request to your backend without checking the JWT. Attackers can craft requests with a malicious `X-HTTP-Method-Override` value that allows them to bypass specifying JWTs. Restricting API access with API keys works as intended and is not affected by this vulnerability. Upgrade deployments to release v2.43.0 or higher to receive a patch. This release ensures that JWT authentication occurs, even when the caller specifies `x-http-method-override`. `x-http-method-override` is still supported by v2.43.0+. API clients can continue sending this header to ESPv2.
Max CVSS
9.8
EPSS Score
0.12%
Published
2023-04-26
Updated
2023-05-09
In Bluetooth, there is a possible way for a paired Bluetooth device to access a long term identifier for an Android device due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
Max CVSS
5.0
EPSS Score
0.04%
Published
2023-10-30
Updated
2023-11-06
In SEPolicy, there is a possible way to access the factory MAC address due to a permissions bypass. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
4.4
EPSS Score
0.04%
Published
2023-10-30
Updated
2023-11-06
In (TBD) of (TBD), there is a possible way to bypass the lockscreen due to Biometric Auth Failure. This could lead to local escalation of privilege with physical access to the device with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-240428519References: N/A
Max CVSS
6.8
EPSS Score
0.05%
Published
2023-01-26
Updated
2023-02-01
There exists an authentication bypass vulnerability in OpenThread border router devices and implementations. This issue allows unauthenticated nodes to craft radio frames using “Key ID Mode 2”: a special mode using a static encryption key to bypass security checks, resulting in arbitrary IP packets being allowed on the Thread network. This provides a pathway for an attacker to send/receive arbitrary IPv6 packets to devices on the LAN, potentially exploiting them if they lack additional authentication or contain any network vulnerabilities that would normally be mitigated by the home router’s NAT firewall. Effected devices have been mitigated through an automatic update beyond the affected range.
Max CVSS
8.8
EPSS Score
0.05%
Published
2023-07-25
Updated
2023-08-02
Implicit intent hijacking vulnerability in Telecom application prior to SMR Dec-2022 Release 1 allows attacker to access sensitive information via implicit intent.
Max CVSS
5.5
EPSS Score
0.04%
Published
2022-12-08
Updated
2022-12-10
Improper access control vulnerability in Nice Catch prior to SMR Dec-2022 Release 1 allows physical attackers to access contents of all toast generated in the application installed in Secure Folder through Nice Catch.
Max CVSS
4.6
EPSS Score
0.05%
Published
2022-12-08
Updated
2022-12-12
Improper authentication vulnerability in Samsung WindowManagerService prior to SMR Dec-2022 Release 1 allows attacker to send the input event using S Pen gesture.
Max CVSS
5.7
EPSS Score
0.04%
Published
2022-12-08
Updated
2022-12-12
Improper access control vulnerability in IIccPhoneBook prior to SMR Dec-2022 Release 1 allows attackers to access some information of usim.
Max CVSS
4.0
EPSS Score
0.04%
Published
2022-12-08
Updated
2022-12-12
Improper access control vulnerabilities in Contacts prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent.
Max CVSS
4.0
EPSS Score
0.04%
Published
2022-12-08
Updated
2022-12-09
Improper access control vulnerability in ContactListUtils in Phone prior to SMR Dec-2022 Release 1 allows to access contact group information via implicit intent.
Max CVSS
4.0
EPSS Score
0.04%
Published
2022-12-08
Updated
2022-12-09
Improper access control vulnerability in ContactListStartActivityHelper in Phone prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent.
Max CVSS
4.0
EPSS Score
0.04%
Published
2022-12-08
Updated
2022-12-09
Improper access control vulnerability in clearAllGlobalProxy in MiscPolicy prior to SMR Nov-2022 Release 1 allows local attacker to configure EDM setting.
Max CVSS
4.3
EPSS Score
0.04%
Published
2022-11-09
Updated
2023-07-14
Improper access control vulnerability in IImsService prior to SMR Nov-2022 Release 1 allows local attacker to access to Call information.
Max CVSS
4.3
EPSS Score
0.04%
Published
2022-11-09
Updated
2022-11-10
Improper authorization vulnerability in StorageManagerService prior to SMR Nov-2022 Release 1 allows local attacker to call privileged API.
Max CVSS
7.8
EPSS Score
0.04%
Published
2022-11-09
Updated
2023-07-14
Improper authorization vulnerability in?CallBGProvider prior to SMR Nov-2022 Release 1 allows local attacker to grant permission for accessing information with phone uid.
Max CVSS
5.9
EPSS Score
0.04%
Published
2022-11-09
Updated
2023-06-27
Improper access control vulnerability in FACM application prior to SMR Oct-2022 Release 1 allows a local attacker to connect arbitrary AP and Bluetooth devices.
Max CVSS
5.1
EPSS Score
0.04%
Published
2022-10-07
Updated
2022-10-11
Improper protection in IOMMU prior to SMR Oct-2022 Release 1 allows unauthorized access to secure memory.
Max CVSS
7.8
EPSS Score
0.04%
Published
2022-10-07
Updated
2022-10-08
Improper access control vulnerability in CocktailBarService prior to SMR Oct-2022 Release 1 allows local attacker to bind service that require BIND_REMOTEVIEWS permission.
Max CVSS
4.0
EPSS Score
0.04%
Published
2022-10-07
Updated
2022-10-11
Improper access control vulnerability in Telecom application prior to SMR Sep-2022 Release 1 allows attacker to start emergency calls via undefined permission.
Max CVSS
4.0
EPSS Score
0.04%
Published
2022-09-09
Updated
2023-07-21
Improper Authorization vulnerability in setDualDARPolicyCmd prior to SMR Sep-2022 Release 1 allows local attackers to cause local permanent denial of service.
Max CVSS
5.5
EPSS Score
0.04%
Published
2022-09-09
Updated
2023-06-27
200 vulnerabilities found
1 2 3 4 5 6 7 8
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!