Описание
In SRAMROM, there is a possible permission bypass due to an insecure permission setting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06076938; Issue ID: ALPS06076938.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*
Одно из
cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*
EPSS
Процентиль: 1%
0.00012
Низкий
6.7 Medium
CVSS3
7.2 High
CVSS2
Дефекты
CWE-732
Связанные уязвимости
CVSS3: 6.7
github
около 4 лет назад
In SRAMROM, there is a possible permission bypass due to an insecure permission setting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-201779035
EPSS
Процентиль: 1%
0.00012
Низкий
6.7 Medium
CVSS3
7.2 High
CVSS2
Дефекты
CWE-732