Описание
ismsEx service is a vendor service in unisoc equipment。ismsEx service is an extension of sms system service,but it does not check the permissions of the caller,resulting in permission leaks。Third-party apps can use this service to arbitrarily modify and set system properties。Product: AndroidVersions: Android SoCAndroid ID: A-207479207
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
EPSS
Процентиль: 27%
0.00096
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-276
Связанные уязвимости
CVSS3: 9.8
github
почти 4 года назад
ismsEx service is a vendor service in unisoc equipment?ismsEx service is an extension of sms system service?but it does not check the permissions of the caller?resulting in permission leaks?Third-party apps can use this service to arbitrarily modify and set system properties?Product: AndroidVersions: Android SoCAndroid ID: A-207479207
EPSS
Процентиль: 27%
0.00096
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-276