Описание
In the Airoha Bluetooth audio SDK, there is a possible permission bypass that allows access critical data of RACE protocol through Bluetooth LE GATT service. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
EPSS
8.8 High
CVSS3
Дефекты
Связанные уязвимости
In the Airoha Bluetooth audio SDK, there is a possible permission bypass that allows access critical data of RACE protocol through Bluetooth LE GATT service. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Уязвимость службы GATT Bluetooth-чипов TWS-наушников Airoha Technology, связанная с отсутствием аутентификации для критичной функции, позволяющая нарушителю обойти существующие ограничения безопасности
EPSS
8.8 High
CVSS3