CVE-2023-29727

Exploit

EPSS 1.21%
Veröffentlicht 30.05.2023 23:15:09
Zuletzt bearbeitet 13.01.2025 18:15:13
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The Call Blocker application 6.6.3 for Android allows unauthorized applications to use exposed components to delete data stored in its database that is related to user privacy settings and affects the implementation of the normal functionality of the application. An attacker can use this to cause an escalation of privilege attack.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Applika ≫ Call Blocker Version6.6.3 SwPlatformandroid

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.21%	0.644

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-922 Insecure Storage of Sensitive Information

The product stores sensitive information without properly limiting read or write access by unauthorized actors.

https://play.google.com/store/apps/details?id=com.cuiet.blockCalls

Product

https://www.call-blocker.info/

Product

https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29727/CVE%20detail.md

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2023-29727

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-29727

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-29727

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2023-29727