Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-41850

Опубликовано: 11 мар. 2022
Источник: nvd
CVSS3: 7.8
CVSS2: 7.2
EPSS Низкий

Описание

An issue was discovered in Luna Simo PPR1.180610.011/202001031830. A pre-installed app with a package name of com.skyroam.silverhelper writes three IMEI values to system properties at system startup. The system property values can be obtained via getprop by all third-party applications co-located on the device, even those with no permissions granted, exposing the IMEI values to processes without enforcing any access control.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:bluproducts:g90_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:bluproducts:g90:-:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

cpe:2.3:o:bluproducts:g9_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:bluproducts:g9:-:*:*:*:*:*:*:*
Конфигурация 3

Одновременно

cpe:2.3:o:wikomobile:tommy_3_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:wikomobile:tommy_3:-:*:*:*:*:*:*:*
Конфигурация 4

Одновременно

cpe:2.3:o:wikomobile:tommy_3_plus_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:wikomobile:tommy_3_plus:-:*:*:*:*:*:*:*
Конфигурация 5

Одновременно

cpe:2.3:o:luna:simo_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:luna:simo:-:*:*:*:*:*:*:*

EPSS

Процентиль: 36%
0.00149
Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-200

Связанные уязвимости

github логотип

GHSA-9j3f-94w3-hrhc

CVSS3: 7.8
github
почти 4 года назад

An issue was discovered in Luna Simo PPR1.180610.011/202001031830. A pre-installed app with a package name of com.skyroam.silverhelper writes three IMEI values to system properties at system startup. The system property values can be obtained via getprop by all third-party applications co-located on the device, even those with no permissions granted, exposing the IMEI values to processes without enforcing any access control.

EPSS

Процентиль: 36%
0.00149
Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-200